================================================================
INFOSECFOLLOW -- security, markets, business, pittsburgh
Friday, June 19, 2026 - 9:05 AM EDT
================================================================

Defenders scrambled on two fronts as attackers turned an unauthenticated Splunk Enterprise flaw into live remote code execution and the FortiBleed leak laid bare credentials for 86,000 Fortinet devices.

CONTENTS: Emerging Trends and Key Updates | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets

EMERGING TRENDS AND KEY UPDATES
----------------------------------------------------------------

* [TREND] Compromised third-party integrations keep cascading into customer-data theft, as the Klue OAuth breach became the third app draining Salesforce records and Nintendo lost survey data through TinyPulse.
  see: Klue Breach Cascades Into Salesforce Theft; Nintendo Survey Data Stolen via TinyPulse

* [TREND] Attackers are weaponizing enterprise software faster than agencies can patch, with Splunk Enterprise's unauthenticated RCE under live attack and FortiBleed exposing 86,000 Fortinet logins.
  see: Splunk Enterprise RCE Under Active Attack; FortiBleed Leak Exposes 86,000 Fortinet Devices

* [UPDATE (new)] FIFA left Microsoft Entra access controls unenforced on its streaming platform, letting an attacker hijack live 2026 World Cup video feeds and broadcast their own content.
  see: FIFA World Cup Streams Exposed to Takeover

* [TREND] Crypto-stealing crews are faking reputation to dodge scrutiny, inflating GitHub stars and YouTube tutorials while routing CryptoBandits backdoor traffic through Tor.
  see: Crypto-Stealing Malware Cloaks Itself in Trust

* [TREND] On Juneteenth, area municipalities still differ widely in how they mark the holiday even as a four-day Western Pennsylvania festival and Black music celebration runs through Sunday.
  see: Juneteenth Recognition Varies Across Region; Western Pa. Juneteenth and Black Music Celebration

* [TREND] Skepticism about AI economics deepens as Zitron pegs OpenAI's 2025 spending at $34 billion with no path to profit while Newport argues knowledge work was already broken.
  see: Exclusive: OpenAI Losses Increased Nearly 8X in 2025, With Spending Hitting $34 Billion; AI Isn’t Breaking Work. It’s Already Broken.

SECURITY
----------------------------------------------------------------

1. KLUE BREACH CASCADES INTO SALESFORCE THEFT
Data Breaches · [breach, supply-chain, extortion]
Latest developments: Huntress published a detailed June 18 account calling the incident a "security domino effect" that began with one compromised integration credential, and Dark Reading noted Klue's Battlecards is now the third connected app abused to siphon customers' Salesforce data.
The Icarus threat actors exploited OAuth tokens from a June 11 breach at market-intelligence platform Klue to steal Salesforce CRM data from customers including Huntress and Recorded Future. Salesforce has disabled the Klue Battlecards integration, and affected firms face an ongoing extortion campaign.
- Help Net Security: https://www.helpnetsecurity.com/2026/06/19/klue-salesforce-data-breach-huntress/
- SecurityWeek: https://www.securityweek.com/cybersecurity-firms-impacted-by-klue-supply-chain-attack/
- Dark Reading: https://www.darkreading.com/cyberattacks-data-breaches/salesforce-data-thefts-klue-app-compromise
- The Hacker News: https://thehackernews.com/2026/06/salesforce-disables-klue-app.html

2. SPLUNK ENTERPRISE RCE UNDER ACTIVE ATTACK
Vulnerabilities and Exploits · [zero-day, patch, exploit]
Latest developments: Splunk and Resecurity confirmed live exploitation of CVE-2026-20253 and published indicators of compromise, while CISA set a June 21, 2026 mitigation deadline for federal civilian agencies.
CVE-2026-20253 is a critical unauthenticated remote-code-execution flaw in Splunk Enterprise that can yield full system compromise. Operators should apply mitigations now and hunt for the suspicious requests Resecurity flagged as compromise indicators.
- Help Net Security: https://www.helpnetsecurity.com/2026/06/19/splunk-vulnerability-cve-2026-20253-exploited/
- BleepingComputer: https://www.bleepingcomputer.com/news/security/cisa-splunk-enterprise-flaw-actively-exploited-patch-by-sunday/
- SecurityWeek: https://www.securityweek.com/splunk-enterprise-vulnerability-exploited-in-attacks-days-after-disclosure/

3. FORTIBLEED LEAK EXPOSES 86,000 FORTINET DEVICES
Vulnerabilities and Exploits · [breach, patch, credentials]
Latest developments: SecurityWeek quantified the FortiBleed credential-theft campaign at 86,000 compromised Fortinet device logins—roughly half of all internet-accessible Fortinet firewalls and VPNs—as CISA urged customers to lock down the nearly 74,000 gateways it counted.
FortiBleed dumped credentials for tens of thousands of internet-facing Fortinet firewalls and VPN gateways across government and private networks. Administrators should rotate credentials, harden exposed devices, and assume the leaked logins are already in use.
- SecurityWeek: https://www.securityweek.com/fortibleed-86000-fortinet-device-credentials-compromised/
- BleepingComputer: https://www.bleepingcomputer.com/news/security/cisa-warns-fortinet-users-to-secure-devices-after-fortibleed-leak/

4. CRYPTO-STEALING MALWARE CLOAKS ITSELF IN TRUST
Ransomware and Cybercrime · [malware, cryptocurrency, backdoor]
Latest developments: Check Point exposed a campaign that inflated GitHub activity, YouTube tutorials, and VirusTotal comments to make crypto-stealing sniper bots and gambling "predictors" look trustworthy, while SecurityWeek detailed CryptoBandits, a backdoor that blends data theft with remote code execution through a local SOCKS5 proxy over Tor.
Two fresh operations target cryptocurrency users: one launders the reputation of malicious trading tools through fake stars and reviews, the other hides theft and remote control inside Tor traffic. Users should distrust money-making bots regardless of their apparent ratings.
- Help Net Security: https://www.helpnetsecurity.com/2026/06/19/fake-github-stars-crypto-stealing-malware/
- SecurityWeek: https://www.securityweek.com/cryptobandits-malware-doubles-as-a-backdoor-abuses-tor/

5. FIFA WORLD CUP STREAMS EXPOSED TO TAKEOVER
Vulnerabilities and Exploits · [vulnerability, access-control]
Latest developments: Dark Reading revealed that FIFA left Microsoft Entra access controls unenforced on its streaming platform, a gap that let an attacker hijack live 2026 World Cup video feeds and broadcast their own content.
An identity-policy oversight in FIFA's streaming setup opened official World Cup broadcasts to remote takeover, where a hacker could replace a match feed with arbitrary video. The flaw shows how unenforced cloud access rules undercut even high-profile global events.
- Dark Reading: https://www.darkreading.com/application-security/fifa-bug-world-cup-streams-remote-takeover

6. NINTENDO SURVEY DATA STOLEN VIA TINYPULSE
Data Breaches · [breach, supply-chain]
Latest developments: Nintendo of America confirmed that attackers stole internal survey data from TinyPulse, a third-party service run by a WebMD subsidiary, while insisting its own systems stayed intact.
The breach hit a vendor Nintendo used internally rather than Nintendo's infrastructure, exposing employee survey records. The case underscores how third-party tools widen a company's attack surface even when core systems hold.
- BleepingComputer: https://www.bleepingcomputer.com/news/security/nintendo-confirms-data-stolen-in-webmd-subsidiary-cyberattack/

BUSINESS AND POLITICS
----------------------------------------------------------------

* Iran Deal Falters as Israel Strikes Lebanon
  Latest developments: Israel struck targets across southern Lebanon overnight and Iran fired warning shots in the Strait of Hormuz, while Tehran moved to require Tehran-approved insurance for vessels using the strait and lined up access to $6 billion in frozen Qatari funds.
  The United States and Iran signed an interim accord on June 17 to end their war and reopen the Strait of Hormuz, but clashes between Israel and Hezbollah have stalled the follow-on nuclear talks in Switzerland and prompted Vice President JD Vance to postpone his trip, pushing Brent crude back above $80 a barrel and keeping inflation-wary central bankers on edge.
  - WSJ World News: https://www.wsj.com/world/middle-east/israel-hezbollah-clashes-put-iran-deal-under-early-pressure-0aa5ae90
  - FT World: https://www.ft.com/content/e1068044-5124-47d9-81ba-c4a3efc16384
  - FT World: https://www.ft.com/content/905e17e6-0659-4e28-bab8-b733ba6be990

PITTSBURGH
----------------------------------------------------------------

Weather: Juneteenth: Mostly Sunny then Slight Chance Rain Showers, high 78F. Tonight: Mostly Clear, low 58F. Saturday: Mostly Sunny then Slight Chance Showers And Thunderstorms, high 78F.

Business:

* Schwebel Baking to Liquidate
  Latest developments: Schwebel Baking Company said Wednesday it will wind down operations and liquidate the business, formalizing the closure flagged earlier in the week.
  Schwebel Baking Company, which has supplied bread and rolls for more than 120 years, will shut down and pull its brand from Western Pennsylvania grocery shelves.
  - WPXI: https://www.wpxi.com/news/local/schwebel-baking-co-wind-down-operations-liquidate-its-business/OUXRVQDC2VGUXNDNZYQHNID3JU/

* Westmoreland Authority Buys West Newton Sewage Plant
  Latest developments: The Municipal Authority of Westmoreland County agreed to buy West Newton's sewage treatment plant and its collection pipes for $1.2 million.
  The Municipal Authority of Westmoreland County will take over the West Newton borough sewage system, adding the treatment plant and the network of collection lines to its operations.
  - TribLive: https://triblive.com/local/westmoreland/water-authority-buys-west-newton-sewage-plant-for-1-2-million/

Around town:

* SEA Hires Geese Police for North Shore Park
  Latest developments: The Sports & Exhibition Authority brought in a dog-handling 'Geese Police' service to clear Canada geese fouling North Shore Riverfront Park.
  Goose droppings have overrun North Shore Riverfront Park along the Allegheny River, so the Sports & Exhibition Authority recruited a 'Geese Police' contractor that uses herding dogs to drive the birds off.
  - TribLive: https://triblive.com/local/sea-recruits-geese-police-to-handle-north-shore-poop-problem/

* Juneteenth Recognition Varies Across Region
  Latest developments: On Juneteenth itself, the Post-Gazette reports Pittsburgh-area municipalities still differ widely in how they mark the holiday five years after it became federal.
  Juneteenth, which commemorates the end of slavery and became a federal holiday in 2021, draws uneven recognition across the Pittsburgh region, with some communities staging festivals and others doing little.
  - Pittsburgh Post-Gazette: https://www.post-gazette.com/life/holidays/2026/06/19/juneteenth-slavery-emancipation-holiday/stories/202606180077

* Leet Township Shelves Meeting Livestreams
  Latest developments: Leet Township commissioners postponed a plan to livestream and video-record their public meetings.
  Leet Township, in the Sewickley area of Allegheny County, decided to set aside a proposal to livestream and record commissioners' meetings.
  - TribLive: https://triblive.com/local/sewickley/leet-officials-postpone-livestreaming-video-recording-meetings/

Events:

* Western Pa. Juneteenth and Black Music Celebration
  Latest developments: Today is Juneteenth, and the four-day festival runs through Sunday, June 21.
  Stop the Violence Pittsburgh's Western Pennsylvania Juneteenth and Black Music Celebration, billed as the largest Juneteenth festival in North America, runs 11 a.m. to 10 p.m. daily through Sunday, June 21, across Point State Park, Market Square, and Liberty Avenue downtown.
  - NEXTpittsburgh Events: https://nextpittsburgh.com/events/14-things-to-do-this-weekend-june-18-21-2026/

SPORTS
----------------------------------------------------------------

Pirates (38-37)
Up Next · Pirates @ Rockies · Fri Jun 19, 8:40 PM
https://plaintextsports.com/mlb/2026-06-19/pit-col

Around the Teams:

* Pirates' Catcher Plan After Bart Trade
  Latest developments: A Post-Gazette mailbag lays out the Pirates' plan behind the plate after trading Joey Bart, weighing whether Henry Davis takes over and whether Marcell Ozuna sticks around.
  Having sent catcher Joey Bart to Atlanta for reliever Hunter Stratton, the Pirates turn to filling the position, with the Post-Gazette pointing to Henry Davis and addressing whether designated hitter Marcell Ozuna stays after a strong night against Sacramento.
  - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/19/mlb-trade-bart-stratton-henry-davis-marcell-ozuna/stories/202606190033

READING
----------------------------------------------------------------

* Stratechery -- An Interview with Michael Morton About E-Commerce in the Age of AI
  Ben Thompson interviews Michael Morton on how AI reshapes e-commerce, covering unfalsifiable bear cases, distribution versus referral models, grocery, and autonomous vehicles.
  https://stratechery.com/2026/an-interview-with-michael-morton-about-e-commerce-in-the-age-of-ai/

* Ed Zitron -- Exclusive: OpenAI Losses Increased Nearly 8X in 2025, With Spending Hitting $34 Billion
  Zitron reports OpenAI's losses grew nearly eightfold in 2025 as spending reached $34 billion, arguing the company still has no credible path to profitability.
  https://www.wheresyoured.at/exclusive-openai-financials/

* Cal Newport -- AI Isn’t Breaking Work. It’s Already Broken.
  Responding to a Financial Times interview with Rebecca Hinds of the Work AI Institute about a survey of 6,000 workers, Newport argues knowledge work was already dysfunctional well before AI arrived.
  https://calnewport.com/ai-isnt-breaking-work-its-already-broken/

MARKETS (weekly average, change vs prior week)
----------------------------------------------------------------

S&P 500      7,483.56   ▲ +1.6%
Dow         51,586.04   ▲ +1.8%
Nasdaq      26,297.74   ▲ +2.5%
WTI crude       79.01   ▼ -11.8%
EUR/USD        1.1578   ▲ +0.3%
GBP/USD        1.3401   ▲ +0.3%
USD/JPY        160.27   = -0.0%

================================================================
Generated 2026-06-19 09:05 EDT. Sources: 24 security feeds; 9 Pittsburgh feeds; 4 Pittsburgh arts and events feeds; 6 Pittsburgh sports beat and podcast feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport. Markets from Yahoo Finance, weather from the NWS, scores from ESPN. Summaries are AI-generated from the linked reporting; verify at the sources.
================================================================