daily plain-text briefing: security, markets, business, and pittsburgh
International police gutted the SocGholish malware network tied to Evil Corp as the Gentlemen ransomware gang armed its affiliates with EDR-killing tools and CISA scrambled to harden 74,000 Fortinet devices exposed in the FortiBleed leak.
Latest developments: ESET exposed the Gentlemen ransomware-as-a-service gang centrally developing GentleKiller, which targets more than 400 security processes across 48 products and ships directly to affiliates, and the group claimed the attack that halted harvesting and milling at Queensland producer Mackay Sugar.
Gentlemen rents encryptors and, unusually, hands affiliates ready-made tooling to disable endpoint detection; a May 2026 internal data leak confirmed the arrangement and named the gang's leader. Defenders should watch for tampering with EDR agents.
Sources: BleepingComputer · Help Net Security · The Record · ↑ top
Latest developments: The Microsoft Defender Security Research Team detailed Crypto Clipper, a lightweight Windows clipboard hijacker active since February 2026 that self-propagates through malicious USB shortcut files and polls a Tor hidden-service command server using Windows Script Host and ActiveX logic.
The clipper silently swaps cryptocurrency wallet addresses copied to the clipboard so victims send funds to the attacker, and its worming over USB lets it jump air-gapped and offline machines. Users should verify wallet addresses before every transfer.
Sources: Ars Technica Security · The Hacker News · BleepingComputer · ↑ top
Latest developments: CISA published an advisory confirming that attackers are actively using the leaked FortiBleed credentials to target internet-accessible Fortinet firewalls and VPN gateways across government and private organizations, and it urged operators to rotate credentials and harden the devices.
FortiBleed exposed credentials inside the configuration files of roughly 74,000 Fortinet firewalls and VPN gateways worldwide after a Russian-speaking group accidentally left the stolen data on its own server, where researcher Volodymyr Diachenko found it. Affected organizations should assume compromise and reset credentials.
Sources: CISA Advisories · BleepingComputer · Help Net Security · ↑ top
Latest developments: The Dutch National Police and the Operation Endgame coalition seized 106 servers and domains and scrubbed nearly 15,000 hacked WordPress sites that had served SocGholish payloads, naming Russia's Evil Corp as the operator.
SocGholish lures victims into running malware through fake software-update prompts planted on compromised WordPress sites and feeds initial access to ransomware crews. Site owners should check for the injected loaders and confirm cleanup.
Sources: Help Net Security · BleepingComputer · ↑ top
Latest developments: Apple shipped firmware updates closing a high-severity flaw in its Beats Studio Buds that let an attacker within Bluetooth range listen to a wearer's conversations, a bug researchers disclosed twelve months ago that reaches earbuds from multiple manufacturers.
The vulnerability lets a nearby attacker capture audio from affected wireless earbuds without pairing. Owners of Beats Studio Buds should install the latest firmware.
Sources: Ars Technica Security · BleepingComputer · ↑ top
Latest developments: Accenture agreed to buy a majority stake in industrial-security firm Dragos, valuing it at $3.25 billion, plus all of runZero and NetRise in a $4.1 billion operational-technology push, the same day CISA issued seven industrial advisories led by a CVSS 9.8 remote-code-execution flaw, CVE-2026-40624, in AVer PTC cameras.
The deal consolidates industrial-asset visibility under Dragos as CISA flags fresh code-execution and denial-of-service bugs in gear from AVer, Schneider Electric, Mitsubishi Electric, and Rockwell Automation. Plant operators should review the advisories and apply available fixes.
Sources: SecurityWeek · CISA Advisories · ↑ top
Latest developments: Defense Secretary Pete Hegseth announced Thursday a review of U.S. forces in Europe and warned Washington will pare its contributions to the alliance unless European members raise their own military spending.
Pete Hegseth told NATO that the size of the American troop presence and budget share on the continent now hinges on European defense spending, raising the prospect of a U.S. drawdown from Europe as the war in Ukraine grinds on.
Sources: WSJ Politics · ↑ top
Latest developments: The U.S. and Iran signed their interim accord Thursday, sending the Nasdaq up nearly 2% and gasoline prices lower, while shipping executives warned the deal's language lets Tehran levy Strait of Hormuz transit fees after 60 days.
The agreement to wind down the U.S.-Iran war moved into a contentious phase as Vice President JD Vance defended it against bipartisan and Israeli criticism, oil eased on signs the strait that carries a fifth of the world's oil will reopen, and carriers cautioned that fees on the channel could follow.
Sources: WSJ Markets · FT World · ↑ top
Tonight: Mostly Cloudy, low 58F.
Juneteenth: Mostly Sunny, high 78F.
Friday Night: Mostly Clear, low 58F.
Latest developments: Three bills regulating data-center development cleared committee and headed to the full Pennsylvania House on Wednesday, June 17, broadening the local rules Franklin Park adopted earlier into statewide policy.
Lawmakers from both parties in Harrisburg advanced three measures governing the energy-hungry data centers spreading across Pennsylvania, agreeing the companies building them need oversight as construction races ahead during budget season.
Latest developments: Schwebel Baking Company will shut down after more than 120 years, pulling a longtime brand from western Pennsylvania bread aisles.
Schwebel Baking Company, a regional bread maker stocked across Pittsburgh-area grocery stores for 120 years, is going out of business.
Latest developments: PennDOT will study converting the Interstate 279 high-occupancy-vehicle lanes to Pittsburgh's North Hills into two-way, possibly tolled, lanes.
The Pennsylvania Department of Transportation plans to examine adding two-way traffic and tolls on the HOV lanes linking downtown Pittsburgh with the North Hills, which now reverse direction by time of day.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: The main phase of PennDOT's Commercial Street Bridge replacement begins soon, closing Commercial Street where it passes beneath the Parkway East.
PennDOT will shut Commercial Street under Interstate 376, the Parkway East, in Pittsburgh as it enters the critical stage of replacing the Commercial Street Bridge, a closure long flagged to drivers.
Latest developments: A developer proposed a nine-story residential building at 301 Grandview Avenue, a plan that would require demolishing the church now on the Mt. Washington lot.
The proposal for 301 Grandview Avenue would replace a Mt. Washington church with a nine-story apartment building above downtown Pittsburgh, a project some neighbors oppose.
Latest developments: The South Side Hospitality Partnership opens the first South Side Street Fest on Saturday, June 20, closing East Carson Street to traffic, after the state granted $125,000 to fund security.
The inaugural South Side Street Fest turns East Carson Street in Pittsburgh's South Side into a pedestrian zone on Saturday, June 20, 2026.
Latest developments: NEXTpittsburgh's June 18-21 guide highlights Monster Jam, Summer Splash, and Bubblesburgh among the weekend's offerings.
Pittsburgh's weekend of June 18 through 21, 2026, includes Monster Jam, the Summer Splash, Bubblesburgh, and the four-day Western Pennsylvania Juneteenth and Black Music Celebration running 11 a.m. to 10 p.m. at Point State Park, Market Square, and Liberty Avenue.
Sources: NEXTpittsburgh Events · ↑ top
Pirates (38-37)
Wed Jun 17 · Pirates 12 · Athletics 4 · Final
Ryan O'Hearn knocks in career-high 6 runs as Pirates roll to 12-4 victory over Athletics
Up Next · Pirates @ Rockies · Fri Jun 19, 8:40 PM
Latest developments: Tight end Darnell Washington joined Not Just Football with Cam Heyward fresh off signing a four-year, $42 million extension with the Steelers.
On Cam Heyward's Not Just Football podcast, Steelers tight end Darnell Washington discussed his new four-year, $42 million contract and the coming season, with the show also crediting his growing role as a pass catcher.
Sources: Not Just Football with Cam Heyward · ↑ top
Latest developments: On the June 18 SNR Drive, Matt Williamson and Wes Uhler assessed how new defensive coordinator Patrick Graham's scheme fits the 2026 Steelers roster.
The Steelers podcast SNR Drive measured Patrick Graham's 2025 defense against the talent he inherits in Pittsburgh and ran through the final offseason to-do list for all 32 NFL teams.
Sources: Pittsburgh Steelers (YouTube) · ↑ top
Latest developments: A Post-Gazette film breakdown praised Steelers rookie defensive lineman Gabriel Rubio's hand technique against the run.
The Post-Gazette's Steelers film room judged Notre Dame rookie Gabriel Rubio a solid run defender for his violent hands, in an analysis that also looked at linemen Vega Ioane and Derrick Harmon.
Sources: Post-Gazette Steelers · ↑ top
S&P 500 7,483.56 ▲ +1.6% Dow 51,586.04 ▲ +1.8% Nasdaq 26,297.74 ▲ +2.5% WTI crude 81.24 ▼ -10.4% EUR/USD 1.1578 ▲ +0.3% GBP/USD 1.3401 ▲ +0.3% USD/JPY 160.27 = -0.0%