daily plain-text briefing: security, markets, business, and pittsburgh
Defenders scrambled on two fronts as attackers turned an unauthenticated Splunk Enterprise flaw into live remote code execution and the FortiBleed leak laid bare credentials for 86,000 Fortinet devices.
Latest developments: Huntress published a detailed June 18 account calling the incident a "security domino effect" that began with one compromised integration credential, and Dark Reading noted Klue's Battlecards is now the third connected app abused to siphon customers' Salesforce data.
The Icarus threat actors exploited OAuth tokens from a June 11 breach at market-intelligence platform Klue to steal Salesforce CRM data from customers including Huntress and Recorded Future. Salesforce has disabled the Klue Battlecards integration, and affected firms face an ongoing extortion campaign.
Sources: Help Net Security · SecurityWeek · Dark Reading · The Hacker News · ↑ top
Latest developments: Splunk and Resecurity confirmed live exploitation of CVE-2026-20253 and published indicators of compromise, while CISA set a June 21, 2026 mitigation deadline for federal civilian agencies.
CVE-2026-20253 is a critical unauthenticated remote-code-execution flaw in Splunk Enterprise that can yield full system compromise. Operators should apply mitigations now and hunt for the suspicious requests Resecurity flagged as compromise indicators.
Sources: Help Net Security · BleepingComputer · SecurityWeek · ↑ top
Latest developments: SecurityWeek quantified the FortiBleed credential-theft campaign at 86,000 compromised Fortinet device logins—roughly half of all internet-accessible Fortinet firewalls and VPNs—as CISA urged customers to lock down the nearly 74,000 gateways it counted.
FortiBleed dumped credentials for tens of thousands of internet-facing Fortinet firewalls and VPN gateways across government and private networks. Administrators should rotate credentials, harden exposed devices, and assume the leaked logins are already in use.
Sources: SecurityWeek · BleepingComputer · ↑ top
Latest developments: Check Point exposed a campaign that inflated GitHub activity, YouTube tutorials, and VirusTotal comments to make crypto-stealing sniper bots and gambling "predictors" look trustworthy, while SecurityWeek detailed CryptoBandits, a backdoor that blends data theft with remote code execution through a local SOCKS5 proxy over Tor.
Two fresh operations target cryptocurrency users: one launders the reputation of malicious trading tools through fake stars and reviews, the other hides theft and remote control inside Tor traffic. Users should distrust money-making bots regardless of their apparent ratings.
Sources: Help Net Security · SecurityWeek · ↑ top
Latest developments: Dark Reading revealed that FIFA left Microsoft Entra access controls unenforced on its streaming platform, a gap that let an attacker hijack live 2026 World Cup video feeds and broadcast their own content.
An identity-policy oversight in FIFA's streaming setup opened official World Cup broadcasts to remote takeover, where a hacker could replace a match feed with arbitrary video. The flaw shows how unenforced cloud access rules undercut even high-profile global events.
Sources: Dark Reading · ↑ top
Latest developments: Nintendo of America confirmed that attackers stole internal survey data from TinyPulse, a third-party service run by a WebMD subsidiary, while insisting its own systems stayed intact.
The breach hit a vendor Nintendo used internally rather than Nintendo's infrastructure, exposing employee survey records. The case underscores how third-party tools widen a company's attack surface even when core systems hold.
Sources: BleepingComputer · ↑ top
Latest developments: Israel struck targets across southern Lebanon overnight and Iran fired warning shots in the Strait of Hormuz, while Tehran moved to require Tehran-approved insurance for vessels using the strait and lined up access to $6 billion in frozen Qatari funds.
The United States and Iran signed an interim accord on June 17 to end their war and reopen the Strait of Hormuz, but clashes between Israel and Hezbollah have stalled the follow-on nuclear talks in Switzerland and prompted Vice President JD Vance to postpone his trip, pushing Brent crude back above $80 a barrel and keeping inflation-wary central bankers on edge.
Sources: WSJ World News · FT World · FT World · ↑ top
Juneteenth: Mostly Sunny then Slight Chance Rain Showers, high 78F.
Tonight: Mostly Clear, low 58F.
Saturday: Mostly Sunny then Slight Chance Showers And Thunderstorms, high 78F.
Latest developments: Schwebel Baking Company said Wednesday it will wind down operations and liquidate the business, formalizing the closure flagged earlier in the week.
Schwebel Baking Company, which has supplied bread and rolls for more than 120 years, will shut down and pull its brand from Western Pennsylvania grocery shelves.
Latest developments: The Municipal Authority of Westmoreland County agreed to buy West Newton's sewage treatment plant and its collection pipes for $1.2 million.
The Municipal Authority of Westmoreland County will take over the West Newton borough sewage system, adding the treatment plant and the network of collection lines to its operations.
Latest developments: The Sports & Exhibition Authority brought in a dog-handling 'Geese Police' service to clear Canada geese fouling North Shore Riverfront Park.
Goose droppings have overrun North Shore Riverfront Park along the Allegheny River, so the Sports & Exhibition Authority recruited a 'Geese Police' contractor that uses herding dogs to drive the birds off.
Latest developments: On Juneteenth itself, the Post-Gazette reports Pittsburgh-area municipalities still differ widely in how they mark the holiday five years after it became federal.
Juneteenth, which commemorates the end of slavery and became a federal holiday in 2021, draws uneven recognition across the Pittsburgh region, with some communities staging festivals and others doing little.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: Leet Township commissioners postponed a plan to livestream and video-record their public meetings.
Leet Township, in the Sewickley area of Allegheny County, decided to set aside a proposal to livestream and record commissioners' meetings.
Latest developments: Today is Juneteenth, and the four-day festival runs through Sunday, June 21.
Stop the Violence Pittsburgh's Western Pennsylvania Juneteenth and Black Music Celebration, billed as the largest Juneteenth festival in North America, runs 11 a.m. to 10 p.m. daily through Sunday, June 21, across Point State Park, Market Square, and Liberty Avenue downtown.
Sources: NEXTpittsburgh Events · ↑ top
Pirates (38-37)
Up Next · Pirates @ Rockies · Fri Jun 19, 8:40 PM
Latest developments: A Post-Gazette mailbag lays out the Pirates' plan behind the plate after trading Joey Bart, weighing whether Henry Davis takes over and whether Marcell Ozuna sticks around.
Having sent catcher Joey Bart to Atlanta for reliever Hunter Stratton, the Pirates turn to filling the position, with the Post-Gazette pointing to Henry Davis and addressing whether designated hitter Marcell Ozuna stays after a strong night against Sacramento.
Sources: Post-Gazette Pirates · ↑ top
S&P 500 7,483.56 ▲ +1.6% Dow 51,586.04 ▲ +1.8% Nasdaq 26,297.74 ▲ +2.5% WTI crude 79.01 ▼ -11.8% EUR/USD 1.1578 ▲ +0.3% GBP/USD 1.3401 ▲ +0.3% USD/JPY 160.27 = -0.0%