================================================================
INFOSECFOLLOW -- security, markets, business, pittsburgh
Wednesday, June 17, 2026 - 11:46 PM EDT
================================================================

A sprawling FortiBleed credential leak exposes VPN logins at Oracle, Lenovo, FedEx, and a NATO contractor as Microsoft races to patch a Defender zero-day attackers already weaponized.

CONTENTS: What's changed | Emerging Trends | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets

WHAT'S CHANGED SINCE THE LAST UPDATE
----------------------------------------------------------------
* RoguePlanet Defender zero-day confirmed as CVE-2026-50656, patch in development [new]
* FortiBleed leak hits Oracle, Lenovo, FedEx, NATO contractor, Fortinet itself [new]
* Oracle 245 fixes, Chrome/Firefox, Rockwell, and CISA Joomla mandate [new]
* ShinyHunters breached Kodak; INC ransomware targets healthcare [new]
* NCSC: hostile states prepositioning in UK critical infrastructure [new]
* Warsh's first Fed meeting holds rates, scraps cut bias and guidance [new]
* India bans Telegram; Durov alleges Reliance BGP hijack hit UAE [new]
* Vendors ship AI agent/MCP controls; 1Password buys Apono [new]
* Stolen credentials surge, with takeovers bypassing legacy MFA [new]
* Pittsburgh under severe-weather, tornado threat Thursday morning [new]

EMERGING TRENDS
----------------------------------------------------------------
* AI Offense: AI agents and tooling keep lowering the attacker skill floor and quickening intrusions, from OALABS's low-skilled operator driving Claude and Codex to Microsoft warning that AI now accelerates cyberattacks faster than patching can answer.
* Agent Governance: Vendors raced to fence in AI agents, as WitnessAI, Tigera, and Tenet Security shipped agent and Model Context Protocol controls and 1Password bought just-in-time access firm Apono for a reported $250 million to $300 million.
* Credential Harvesting: Stolen logins drove the day, with FortiBleed dumping tens of thousands of VPN credentials and analysts flagging account takeovers that slip past legacy multifactor authentication.

SECURITY
----------------------------------------------------------------

1. FORTIBLEED CREDENTIAL LEAK WIDENS
Vulnerabilities and Exploits · [credential-leak, vpn, fortinet]
Latest developments: Ars Technica named the sensitive networks caught in the dump—Oracle, Lenovo, FedEx, a NATO contractor, and Fortinet itself—while Dark Reading reported attackers working through nearly 200 countries and compiling a verified-credential list for tens of thousands of devices. FortiBleed exposed Fortinet and FortiGate VPN credentials for 73,932 firewall URLs worldwide, and SOCRadar counts 30,000 compromised firewalls tied to three recently patched FortiSandbox flaws. Affected organizations should rotate VPN credentials and patch FortiSandbox at once.
- Ars Technica Security: https://arstechnica.com/security/2026/06/massive-breach-spills-credentials-for-thousands-of-sensitive-networks/
- Dark Reading: https://www.darkreading.com/cyberattacks-data-breaches/sweeping-credential-harvesting-heist-compromises-30k-fortinet-devices
- BleepingComputer: https://www.bleepingcomputer.com/news/security/fortibleed-leak-exposes-fortinet-vpn-credentials-for-73-000-devices/
- SecurityWeek: https://www.securityweek.com/3-recently-patched-fortinet-fortisandbox-vulnerabilities-in-hacker-crosshairs/

2. ROGUEPLANET DEFENDER ZERO-DAY
Vulnerabilities and Exploits · [zero-day, windows, patch]
Latest developments: Microsoft confirmed RoguePlanet as CVE-2026-50656, a CVSS 7.8 privilege-escalation race condition in the Microsoft Malware Protection Engine that public proof-of-concept code uses to spawn a System-level command prompt, and said a patch is in development a week after disclosure.
An actor calling itself Nightmare Eclipse dropped three Windows zero-days, including RoguePlanet and a BitLocker bypass a thief can trigger with a USB stick. Windows users running Microsoft Defender await the fix.
- The Hacker News: https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html
- SecurityWeek: https://www.securityweek.com/microsoft-working-on-patch-for-rogueplanet-zero-day/
- BleepingComputer: https://www.bleepingcomputer.com/news/microsoft/microsoft-working-on-defender-patch-for-rogueplanet-zero-day/
- Graham Cluley: https://grahamcluley.com/smashing-security-podcast-472/

3. ORACLE, BROWSER, AND ICS PATCHES LAND
Vulnerabilities and Exploits · [patch, ics, browser]
Latest developments: Oracle shipped 245 fixes in its June 2026 Critical Patch Update, Google and Mozilla patched critical memory-safety bugs in Chrome and Firefox, Rockwell Automation fixed flaws in Logix, CompactLogix, RSLinx, and FactoryTalk, and CISA ordered federal agencies to patch the maximum-severity Joomla Content Editor flaw CVE-2026-48907 by Friday. The June patch wave spans enterprise, browser, and industrial software, with the Joomla JCE flaw already exploited for PHP code execution. Administrators should prioritize the exploited Joomla bug and the Oracle and browser fixes.
- SecurityWeek: https://www.securityweek.com/oracles-second-monthly-security-updates-deliver-245-patches/
- SecurityWeek: https://www.securityweek.com/chrome-and-firefox-updated-to-patch-critical-high-severity-vulnerabilities/
- SecurityWeek: https://www.securityweek.com/rockwell-automation-patches-vulnerabilities-in-ics-controllers-and-software/
- BleepingComputer: https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-max-severity-joomla-plugin-flaw-by-friday/

4. SHINYHUNTERS HITS KODAK AS INC TARGETS HEALTHCARE
Ransomware and Cybercrime · [ransomware, extortion, breach]
Latest developments: Kodak confirmed that hackers accessed company data in a breach the ShinyHunters extortion gang claimed, and Dark Reading detailed how INC ransomware thrives by striking healthcare and other sectors where disruption forces a fast payout. ShinyHunters, recently tied to Oracle PeopleSoft attacks, added imaging maker Kodak, which is now working with external experts, to its victims. INC ransomware keeps mastering basics and pressuring high-stakes sectors.
- BleepingComputer: https://www.bleepingcomputer.com/news/security/kodak-confirms-data-breach-claimed-by-shinyhunters-extortion-gang/
- Dark Reading: https://www.darkreading.com/cyberattacks-data-breaches/inc-ransomware-thrives-by-mastering-the-basics

5. HOSTILE STATES PREPOSITION IN UK INFRASTRUCTURE
Nation-State Activity · [nation-state, critical-infrastructure]
Latest developments: NCSC chief executive Richard Horne told the Royal United Services Institute that hostile states drive three-quarters of attacks on Britain's critical infrastructure and are prepositioning inside it, warning that kinetic targeting in any future conflict will rest on intelligence gathered today. Britain's critical-infrastructure operators face sustained state intrusion aimed at mapping networks for future strikes. Horne pressed owners to harden their systems now.
- The Record: https://therecord.media/britain-nation-state-cyberattacks-richard-horne-rusi

6. INDIA'S TELEGRAM BAN DISRUPTS THE UAE
Policy and Regulation · [censorship, policy, bgp]
Latest developments: India banned Telegram until June 22 after leaked exam papers circulated on the app, and chief executive Pavel Durov accused telecom Reliance of BGP hijacking that knocked Telegram offline as far away as the United Arab Emirates. India ordered the block over leaked exams, and Durov says Reliance's routing manipulation spilled the outage across borders.
Users reach Telegram through an MTProto proxy.
- BleepingComputer: https://www.bleepingcomputer.com/news/security/indias-telegram-ban-hit-the-uae-too-heres-how-to-get-around-it/

BUSINESS AND POLITICS
----------------------------------------------------------------
* Warsh Fed Holds Rates, Overhauls Its Message
  Latest developments: Kevin Warsh's debut meeting delivered the machinery behind the prior day's hawkish signal: the Federal Open Market Committee held its benchmark rate steady in a unanimous vote, abandoned its bias toward rate cuts, and scrapped explicit forward guidance, sending Treasury yields and the dollar higher as stocks fell again. At Chair Kevin Warsh's first Federal Open Market Committee meeting, the Federal Reserve kept rates unchanged Wednesday and issued a sharply shortened statement, while officials' own projections pointed to at least one increase by year-end as the central bank moves to tame the inflation jolt from the Iran war.
  - FT World: https://www.ft.com/content/0fda593c-7de5-44e2-825c-53d7451d5f70
  - WSJ Markets: https://www.wsj.com/finance/stocks/global-stocks-markets-dow-update-06-17-2026-05228bac?mod=rss_markets_main

PITTSBURGH
----------------------------------------------------------------
Weather:
Tonight: Showers And Thunderstorms, low 68F.
Thursday: Showers And Thunderstorms then Mostly Sunny, high 83F.
Thursday Night: Partly Cloudy, low 59F.

Business:
* Franklin Park Sets Data-Center Rules
  Latest developments: Franklin Park Borough Council approved guidelines governing data centers, putting rules in place before any developer proposes one. Franklin Park Borough Council in Allegheny County passed zoning guidelines for data centers, preparing for the day an artificial-intelligence company targets the borough for a project.
  - WTAE: https://www.wtae.com/article/franklin-park-borough-council-data-center-regulations/71621264
* Skill Games Face Taxation Question
  Latest developments: Pennsylvania operators and lawmakers now weigh taxation of the machines after this week's state Supreme Court ruling classified skill games as slot machines. The Pennsylvania Supreme Court ruled this week that skill games qualify as slot machines under state law, leaving the lightly regulated, untaxed terminals in bars and stores across the state facing possible taxation and the gaming-law oversight that governs casinos.
  - WPXI: https://www.wpxi.com/news/local/pennsylvanians-weigh-court-ruling-that-could-lead-taxation-skill-games/SH3EGHR7OREYNL5727KLV52Y2Y/

Around town:
* Severe Storms, Tornado Risk Thursday Morning
  Latest developments: The National Weather Service put the Pittsburgh region under a severe-weather threat for early Thursday, June 18, carrying a tornado risk, flash flooding, damaging winds, and hail, with Duquesne Light warning customers to prepare for outages. Storms moving through overnight into Thursday morning threaten the Pittsburgh area with brief tornadoes, flash flooding, and gusty winds, prompting Duquesne Light to urge customers across Western Pennsylvania to ready for power outages during the region's peak severe-weather season.
  - KDKA: https://www.cbsnews.com/pittsburgh/news/tornado-strong-winds-thursday-morning-pittsburgh/
  - WTAE: https://www.wtae.com/article/duquesne-light-western-pa-storms-june-18-2026/71618783
* Rats Persist on Rostraver's Adams Drive
  Latest developments: Weeks after KDKA first reported the infestation, Rostraver Township residents say rats still overrun their neighborhood, even after 105 pigs were rescued from the source property. Residents along Adams Drive off Route 51 in Rostraver Township, Westmoreland County, say hundreds of rats keep running through their neighborhood, tracing the problem to one property where authorities removed 105 pigs.
  - KDKA: https://www.cbsnews.com/pittsburgh/news/rostraver-township-rat-infestation-update/
* Trinity United Church to Rebuild After Fire
  Latest developments: Trinity United Church of Christ in Indiana Township decided it must tear down and rebuild its sanctuary, which a May fire gutted, with the Rev. David Mears saying the congregation aims to recreate the old building as closely as the community wants. A historic church in Indiana Township, Allegheny County, Trinity United Church of Christ, will demolish and rebuild after a May fire devastated the structure, its pastor, the Rev. David Mears, said.
  - KDKA: https://www.cbsnews.com/pittsburgh/news/trinity-united-church-of-christ-rebuilding/

SPORTS
----------------------------------------------------------------
Pirates (37-37)

Tue Jun 16 · Pirates 6 · Athletics 5 · Final
Lowe hits go-ahead homer, Reynolds connects twice as Pirates rally past Athletics for 6-5 victory
https://plaintextsports.com/mlb/2026-06-16/pit-ath

Wed Jun 17 · Pirates 8 · Athletics 2 · Top 7th (in progress at last update)
https://plaintextsports.com/mlb/2026-06-17/pit-ath

Up Next · Pirates @ Rockies · Fri Jun 19, 8:40 PM
https://plaintextsports.com/mlb/2026-06-19/pit-col

Around the Teams:
* Hiles Presses the Pirates to Improve
  Latest developments: Post-Gazette columnist Noah Hiles shifted from the bullpen to the franchise's bigger stakes, warning what a stalled season could cost a roster built around ace Paul Skenes. In a Post-Gazette column, Noah Hiles argued the Pirates must turn their season around or face the consequences, weighing the looming trade deadline, top prospect Konnor Griffin, and general manager Ben Cherington's standing.
  - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/17/mlb-rumors-trade-deadline-skenes-konnor-griffin-cherington/stories/202606170046

READING
----------------------------------------------------------------
* Stratechery -- The State of Fable, The Jailbreak Problem, SpaceX Acquires Cursor
  Ben Thompson argues the Trump administration is likely wrong in its claims about Anthropic's Fable model yet contends the burden of proof falls on Anthropic, alongside takes on a model-jailbreak problem and SpaceX's acquisition of the coding startup Cursor.
  https://stratechery.com/2026/the-state-of-fable-the-jailbreak-problem-spacex-acquires-cursor/
* Ed Zitron -- Exclusive: OpenAI Losses Increased Nearly 8X in 2025, With Spending Hitting $34 Billion
  Zitron publishes financials showing OpenAI's losses grew nearly eightfold in 2025 as spending reached $34 billion, fuel for his argument that the company burns cash with no path to profitability.
  https://www.wheresyoured.at/exclusive-openai-financials/
* Cal Newport -- AI Isn’t Breaking Work. It’s Already Broken.
  Responding to a Financial Times interview with Work AI Institute head Rebecca Hinds about a 6,000-person survey, Newport argues knowledge work was already dysfunctional and that AI mainly exposes the existing breakdown.
  https://calnewport.com/ai-isnt-breaking-work-its-already-broken/

MARKETS (weekly average, change vs prior week)
----------------------------------------------------------------
S&P 500      7,462.30   ▲  +0.8%
Dow         51,442.85   ▲  +1.3%
Nasdaq      26,156.09   ▲  +1.1%
WTI crude       81.24   ▼ -10.4%
EUR/USD        1.1584   ▲  +0.2%
GBP/USD        1.3414   ▲  +0.3%
USD/JPY        160.25   ▲  +0.1%

================================================================
Generated 2026-06-17 23:46 EDT. Sources: 24 security feeds; 9 Pittsburgh feeds; 4 Pittsburgh arts and events feeds; 6 Pittsburgh sports beat and podcast feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport.
Markets from Yahoo Finance, weather from the NWS, scores from ESPN. Summaries are AI-generated from the linked reporting; verify at the sources.
================================================================