================================================================ INFOSECFOLLOW -- security, markets, business, pittsburgh Monday, June 15, 2026 - 7:07 PM EDT ================================================================ Attackers hammered VPNs and remote-access tools through fresh zero-days while AI gateways, assistants, and the models themselves emerged as the day's newest battlegrounds. CONTENTS: Emerging Trends | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets EMERGING TRENDS ---------------------------------------------------------------- * AI Attack Surface: AI gateways, copilots, and the models themselves drew attacks today, from the LiteLLM takeover chain to the Copilot SearchLeak exfiltration path, marking AI infrastructure as a primary target. * Edge Exploitation: Attackers actively exploited VPNs and remote-access tools—PAN-OS GlobalProtect, SimpleHelp, and Cisco SD-WAN—keeping network edge devices the fastest route into enterprises. * State Intervention: Governments reached for blunt legal levers this day—an export order against Anthropic's models, an FCC plan to end burner phones, and a DOJ deepfake-site seizure—reshaping security through policy. * Nonhuman Identity: A wave of launches from Omada, Delinea, 1Password, and NewCore targeted governance of AI agents and machine identities, signaling that non-human actors now dominate identity risk. SECURITY ---------------------------------------------------------------- :: VULNERABILITIES AND EXPLOITS 1. VPNS AND REMOTE-ACCESS TOOLS FALL TO FRESH ZERO-DAYS [zero-day, patch, exploit] Latest developments: Palo Alto Networks confirmed active exploitation of CVE-2026-0257, an authentication-bypass flaw in PAN-OS GlobalProtect portals and gateways; SimpleHelp disclosed a bug that lets unauthenticated attackers mint privileged technician accounts through OIDC; and CISA added Cisco Catalyst SD-WAN Manager CVE-2026-20262 and LiteSpeed cPanel plugin CVE-2026-54420 to its Known Exploited Vulnerabilities catalog. GlobalProtect is Palo Alto's enterprise VPN, and CVE-2026-0257 lets attackers bypass authentication on its portals and gateways to gain unauthorized access. SimpleHelp's flaw hands unauthenticated attackers privileged technician accounts on servers running OIDC, a clean foothold for deeper intrusion. Cisco's SD-WAN Manager flaw escalates an attacker to root, and the LiteSpeed cPanel plugin follows symlinks to corrupt files. Administrators should patch all four now and hunt for rogue accounts and unexpected access. - The Hacker News: https://thehackernews.com/2026/06/palo-alto-warns-of-active-exploitation.html - BleepingComputer: https://www.bleepingcomputer.com/news/security/simplehelp-bug-lets-hackers-create-rogue-remote-support-accounts/ - CISA Advisories: https://www.cisa.gov/news-events/alerts/2026/06/15/cisa-adds-two-known-exploited-vulnerabilities-catalog - BleepingComputer: https://www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/ 2. AMD QUIETLY STRIPS MEMORY ENCRYPTION FROM CONSUMER CPUS [hardware, vulnerability] Latest developments: Users found that AMD removed transparent secure memory encryption (TSME) from recent consumer processors in a deliberate, undocumented change, stripping a baseline defense against cold-boot and physical memory attacks. TSME automatically encrypts system RAM, blocking cold-boot and physical attacks that read memory directly off the chips. Users discovered AMD pulled the feature from recent desktop and laptop processors and said nothing about it. The change leaves consumer machines exposed while pricier server and professional parts keep the protection. Buyers who depend on memory encryption should confirm support before purchasing. - Ars Technica Security: https://arstechnica.com/security/2026/06/users-cry-foul-after-amd-stripped-memory-crypto-from-its-consumer-cpus/ 3. AI FLAW-HUNTING DRIVES 2026 CVES TOWARD 66,000 [vulnerability, ai] Latest developments: FIRST raised its 2026 forecast to roughly 66,000 CVEs, well above the year's opening projection, crediting AI tools that now hunt software flaws on their own and find them efficiently. FIRST, the Forum of Incident Response and Security Teams, now projects 2026 will close near 66,000 disclosed vulnerabilities. The jump traces mostly to AI tools that find software flaws autonomously and at speed. The surge strains triage, patching, and prioritization for defenders already running behind. Security teams should lean on exploit-prediction scoring and KEV data to aim limited remediation effort where attackers actually go. - Help Net Security: https://www.helpnetsecurity.com/2026/06/15/first-2026-cve-forecast/ :: AI SECURITY 4. LITELLM GATEWAY CHAIN YIELDS FULL SERVER TAKEOVER [ai, vulnerability] Latest developments: Obsidian Security disclosed three chained flaws that let a default low-privilege LiteLLM account climb to full admin and run code on the host, exposing every model-provider key the gateway holds. LiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one OpenAI-compatible interface. Obsidian Security chained three bugs that carry a default low-privilege account all the way to admin and code execution on the server. A takeover spills every provider API key the gateway stores along with the secrets behind them. Teams running LiteLLM should update immediately, rotate keys, and lock down the default account. - The Hacker News: https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html 5. US EXPORT ORDER FORCES ANTHROPIC TO DISABLE CYBER AI MODELS [policy, ai] Latest developments: Anthropic said the US government invoked national-security authorities to force the worldwide shutdown of Fable 5 and Mythos 5, the first known use of those authorities against an AI model's export, a lever Washington once reserved for chips and hardware. Anthropic abruptly suspended worldwide access to Fable 5 and Mythos 5 after a US directive barred foreign nationals from the technology. The company says the order cited national-security authorities and applies them to an AI model's export for the first time. Anthropic disputes the cited basis even as it complies. The move opens a front in AI governance where model capabilities draw the same controls as advanced silicon. - The Record: https://therecord.media/anthropic-says-gov-forced-it-to-disable-cyber-ai-models - Dark Reading: https://www.darkreading.com/cyber-risk/us-cracks-down-anthropic-ai-models-abuse-concerns :: RANSOMWARE AND CYBERCRIME 6. FBI AND GOOGLE DISMANTLE OUTSIDER ENTERPRISE PHISHING SERVICE [phishing, takedown, cybercrime] Latest developments: After Google's lawsuit earlier this month, the FBI and Google dismantled Outsider Enterprise, a China-based phishing-as-a-service operation that ran more than 9,000 phishing sites, stole close to 4 million credit cards, and caused roughly $1.9 billion in losses. Outsider Enterprise sold a phishing-as-a-service kit that blasted scam texts at Americans and harvested payment-card data at scale. Google sued the network in June; now law enforcement and the company have seized its infrastructure of more than 9,000 sites. Investigators tally nearly 4 million stolen credit cards and about $1.9 billion in losses. The operation pairs civil action with seizure to break a high-volume smishing pipeline. - SecurityWeek: https://www.securityweek.com/fbi-google-dismantle-outsider-enterprise-phishing-service/ :: POLICY AND REGULATION 7. FCC PROPOSAL WOULD END ANONYMOUS BURNER PHONES [policy, privacy] Latest developments: A proposed FCC rule would compel US carriers to store a government-issued ID number and physical address for essentially every phone customer, eliminating prepaid accounts unattached to a named person. The proposal would tie every phone account to a government ID and a physical address, killing the burner phones that journalists, abuse survivors, and activists rely on for anonymity. Privacy advocates compare the data-retention mandate to surveillance regimes in authoritarian states. The rule would pile sensitive identity records inside telecoms, manufacturing a fresh breach target. Public comment will shape whether it advances. - Schneier on Security: https://www.schneier.com/blog/archives/2026/06/the-fcc-wants-to-eliminate-burner-phones.html 8. DOJ SEIZES DEEPFAKE NUDE SITES IN FIRST TAKE IT DOWN ACT ACTION [policy, ai, deepfake] Latest developments: The Justice Department seized CFAKE.com and SOCFAKE.com, which hosted nonconsensual AI-generated nude images and videos of women, in what appears the first publicly announced domain seizure under the TAKE IT DOWN Act. The two sites manufactured and distributed nonconsensual AI-generated nude imagery of women. The Justice Department's seizure marks the first public domain takedown under the TAKE IT DOWN Act, the law that criminalizes nonconsensual intimate imagery and compels its removal. The action tests whether the young statute can reach deepfake operators. Victims and advocates have pushed for enforcement since the act passed. - BleepingComputer: https://www.bleepingcomputer.com/news/security/doj-seizes-cfake-socfake-deepfake-nude-sites-under-take-it-down-act/ BUSINESS AND POLITICS ---------------------------------------------------------------- * US-Iran Deal Signed, Markets Hit Records Latest developments: Trump and Iran's top negotiator signed a memorandum of understanding Monday, and the Dow closed at a record while oil settled at its lowest since March 4—a concrete advance over Sunday's announcement that the deal was merely complete. The agreement commits Iran to dismantle its nuclear program and reopen the Strait of Hormuz in exchange for sanctions relief, and a signing ceremony follows Friday. Oil futures slid, average US gasoline dropped below $4 a gallon, and global stocks rallied, though long-term terms still hang unresolved and traffic through the strait could take weeks to recover. - WSJ Markets: https://www.wsj.com/finance/global-stocks-markets-dow-news-06-15-2026-c6898869?mod=rss_markets_main - WSJ World News: https://www.wsj.com/world/middle-east/questions-about-trumps-iran-deal-set-to-dominate-g-7-fcd7fcbc - FT Markets: https://www.ft.com/content/8a6849de-b27c-4680-a80d-42b85b0e77eb - FT Markets: https://www.ft.com/content/ff17e2a2-7744-4e19-9e1d-23bc5892191c PITTSBURGH ---------------------------------------------------------------- Weather: Tonight: Mostly Clear, low 51F. Tuesday: Mostly Sunny, high 77F. Tuesday Night: Mostly Cloudy then Chance Rain Showers, low 58F. Business: * Astrobotic Readies Griffin Moonshot Latest developments: Pittsburgh's Astrobotic faces one final test before launching Griffin, its second lunar lander, which will carry NASA cargo toward a planned moon base aboard a SpaceX rocket. Astrobotic, the North Side robotics company, built the Griffin lander to deliver NASA equipment to the moon after its first lander, Peregrine, fell short in 2024. The company is finishing checks ahead of liftoff. - Pittsburgh Post-Gazette: https://www.post-gazette.com/business/tech-news/2026/06/15/astrobotic-spacex-nasa-moon-base-griffin-peregrine/stories/202606150033 * Pittsburgh Weddings Top National Average Latest developments: A local study finds the cost of a Pittsburgh wedding runs higher than the national average, KDKA reported. KDKA's Talk the Talk segment examined why couples marrying in Pittsburgh pay more than the typical American wedding bill. - KDKA: https://www.cbsnews.com/pittsburgh/video/talk-the-talk-june-15-2026/ Around town: * Tornadoes Confirmed From Sunday Storms Latest developments: The National Weather Service confirmed at least three tornadoes touched down across Beaver County and eastern Ohio's Columbiana County from Sunday's storms, with survey teams still assessing EF ratings. Sunday's severe storms spawned tornadoes and toppled trees across Western Pennsylvania, blocking roads in Ambridge, ripping a machine shed from a Butler County farm, and cutting power to thousands. Cleanup ran through Monday in Beaver County and Elizabeth Township. - KDKA: https://www.cbsnews.com/pittsburgh/news/confirmed-tornadoes-pennsylvania-ohio-storm-damage/ - WTAE: https://www.wtae.com/article/tornado-confirmed-beaver-county-severe-storms-june-14-2026/71594373 - WPXI: https://www.wpxi.com/news/local/meteorologists-survey-damage-caused-by-severe-storms-beaver-county-residents-clean-up/DINTXNZQ65EDLPLHIEICTLXYHY/ * Parkway North to Close for Bridge Demolition Latest developments: Part of the Parkway North fully closes later this week for demolition of the Jacks Run Road Bridge, after equipment problems postponed Monday night's planned start. Crews will tear down the Jacks Run Road Bridge over the Parkway North, forcing a complete closure of a stretch of the highway and pushing drivers onto detours. - KDKA: https://www.cbsnews.com/pittsburgh/video/part-of-parkway-north-to-close-for-bridge-demolition/ * Aldi Macaroni and Cheese Recalled Latest developments: Park Street Deli recalled its Macaroni & Cheese sold at Aldi nationwide over an undeclared allergen, more than 500,000 packages in all. The recall covers Park Street Deli Macaroni & Cheese stocked at Aldi stores, which carry an allergen the label failed to declare. Shoppers should check packages and return affected products. - WTAE: https://www.wtae.com/article/park-st-deli-macaroni-and-cheese-recall/71594788 * Comfortable Week, Stormy Thursday Latest developments: Forecasters call for dry, comfortable weather through midweek before rain returns Wednesday night and Thursday brings an Impact Day for rain and storms. Western Pennsylvania settles into pleasant conditions early in the week, then turns wet as a storm system arrives Thursday. - WTAE: https://www.wtae.com/article/western-pa-dry-and-comfortable-to-begin-the-week/71585333 SPORTS ---------------------------------------------------------------- Pirates (36-36) Sun Jun 14 · Marlins 4 · Pirates 2 · Final Meyer outduels Skenes, allows one run in six innings as Marlins top Pirates 4-2 https://plaintextsports.com/mlb/2026-06-14/mia-pit Up Next · Pirates @ Athletics · Mon Jun 15, 9:40 PM https://plaintextsports.com/mlb/2026-06-15/pit-ath Around the Teams: * Pirates Scramble to Fix Bullpen Latest developments: Post-Gazette columnist Noah Hiles argued the Pirates must repair their bullpen now or watch it sink the season, and the team called up No. 7 prospect Antwone Kelly to add relief help. Pittsburgh's relief corps has faltered down the stretch of close games. Hiles pointed at manager Don Kelly and general manager Ben Cherington as the bullpen drags on the club; the Pirates promoted right-hander Antwone Kelly from the minors to shore it up. - Post-Gazette Pirates: https://www.post-gazette.com/sports/columns/2026/06/15/mlb-pirates-bullpen-don-kelly-jake-mangum-ben-cherington/stories/202606140080 - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/12/pirates-bullpen-antwone-kelly-debut-aruba-1/stories/202606120034 * Herbig Extension and the Next Steelers Core Latest developments: A Not Just Football short called Nick Herbig's new contract '20 years in the making,' and a Post-Gazette video weighed whether the Steelers can build a defensive core around Herbig and cornerback Joey Porter Jr. The Steelers signed edge rusher Nick Herbig to a new deal, and the beat discussion turned to whether he and Porter Jr., both young, can anchor the defense as the roster turns over. - Not Just Football with Cam Heyward: https://www.youtube.com/shorts/0rfyueiCpE4 - Post-Gazette Steelers: https://www.post-gazette.com/sports/steelers/2026/06/12/nfl-draft-news-rumors-joey-porter-jr-nick-herbig/stories/202606120048 * Allar Learns From Rodgers Latest developments: In Steelers media shorts, quarterback Drew Allar described what he takes from veteran Aaron Rodgers and reflected on the just-finished offseason program. Allar, the young Steelers quarterback, talked about studying Rodgers's approach and his own work through spring practices as the team closed its 2026 offseason program. - Pittsburgh Steelers (YouTube): https://www.youtube.com/shorts/myRUYdyoaBI - Pittsburgh Steelers (YouTube): https://www.youtube.com/shorts/1oITjYeKzxE * Pirates Measure Up Against the Best Latest developments: Post-Gazette's Off The Bat drew six lessons from the Pirates' six games against the Dodgers and Braves, baseball's top teams. The column assessed how Pittsburgh stacked up against elite competition, touching on the rotation behind Paul Skenes and Mitch Keller and the lineup's gap against the league's best. - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/13/dodgers-braves-lowe-skenes-keller-ohtani/stories/202606120035 READING ---------------------------------------------------------------- * Ed Zitron -- AI's Brokenomics Zitron dissects what he calls the broken economics of the AI industry, arguing the leading model companies burn billions of dollars a year with no credible path to profitability. https://www.wheresyoured.at/brokenomics/ * Cal Newport -- AI Isn't Breaking Work. It's Already Broken. Reacting to a survey of 6,000 workers cited in a Financial Times interview, Newport contends that modern knowledge work was already dysfunctional, and AI merely exposes the existing mess. https://calnewport.com/ai-isnt-breaking-work-its-already-broken/ * Stratechery -- Anthropic's Safety Superpower Thompson argues that Anthropic's conviction in its own safety mission gives it license to aggressively pursue its business interests and even push back against the US government. https://stratechery.com/2026/anthropics-safety-superpower/ MARKETS (weekly average, change vs prior week) ---------------------------------------------------------------- S&P 500 7,377.03 ▼ -2.2% Dow 50,725.58 ▼ -0.7% Nasdaq 25,695.30 ▼ -3.8% WTI crude 88.42 ▼ -5.0% EUR/USD 1.1556 ▼ -0.4% GBP/USD 1.3386 ▼ -0.3% USD/JPY 160.23 ▲ +0.2% ================================================================ Generated 2026-06-15 19:07 EDT. Sources: 22 security feeds; 9 Pittsburgh feeds; 4 Pittsburgh arts and events feeds; 6 Pittsburgh sports beat and podcast feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport. Markets from Yahoo Finance, weather from the NWS, scores from ESPN. Summaries are AI-generated from the linked reporting; verify at the sources. ================================================================