daily plain-text briefing: security, markets, business, and pittsburgh
Russian-speaking attackers' FortiBleed haul reaches 86,644 Fortinet devices as a Klue integration breach spreads to security vendors and Microsoft warns AI browsing agents can be hijacked into remote code execution.
Latest developments: Salesforce disabled the Klue Battlecards integration over the June 11 compromise, and Recorded Future joined Huntress among confirmed victims as Klue became the third connected app abused to siphon Salesforce data.
A single compromised Klue integration credential cascaded into theft of customer data across connected platforms, including Salesforce, hitting security vendors Huntress and Recorded Future; affected organizations cannot reconnect Klue to Salesforce until further notice.
Sources: SecurityWeek · The Hacker News · Help Net Security · Dark Reading · ↑ top
Latest developments: CISA, in a June 18 advisory, attributed the FortiBleed credential theft to Russian-speaking threat actors and put the tally at 86,644 compromised FortiGate appliances—roughly half the internet-accessible Fortinet firewalls and VPNs.
FortiBleed leaked login credentials for tens of thousands of internet-facing Fortinet firewalls and VPN gateways; CISA urges customers to rotate credentials and harden devices.
Sources: The Hacker News · SecurityWeek · BleepingComputer · ↑ top
Latest developments: Microsoft detailed AutoJack, an exploit chain in which one malicious webpage drives an AI browsing agent into remote code execution on the host by abusing localhost trust and AutoGen Studio's unauthenticated MCP WebSocket.
As enterprises grant AI agents broad system access, a single page or unmanaged agent identity can pivot to host compromise or data exfiltration; treat agents as privileged identities and lock down the local services they reach.
Sources: Microsoft Security Blog · BleepingComputer · ↑ top
Latest developments: Researchers linked the four-year-old Popa botnet—millions of hijacked Android TV boxes relaying traffic for ad fraud, account takeovers, and scraping—to NetNut, the residential-proxy arm of publicly traded Israeli firm Alarum Technologies.
Popa conscripts consumer TV boxes into a residential proxy network used for fraud and mass data scraping; its tie to a NASDAQ-listed proxy provider raises questions about the legitimacy of the residential-proxy industry.
Sources: Krebs on Security · SecurityWeek · ↑ top
Latest developments: F5 shipped fixes for two critical NGINX Open Source flaws, including CVE-2026-42530, a CVSS 9.2 use-after-free in the ngx_http_v3_module that a remote unauthenticated attacker can trigger for code execution.
NGINX Open Source powers a large share of the world's web servers; operators should apply F5's updates promptly to close the unauthenticated remote code execution path.
Sources: The Hacker News · ↑ top
Latest developments: SecurityWeek reported that most internet-accessible REDCap research-data servers run outdated software that China-linked UNC6508 regularly exploits for initial access and backdoor deployment.
REDCap is a widely used research data-collection platform across universities and hospitals; administrators should update internet-facing instances to block UNC6508 intrusions.
Sources: SecurityWeek · ↑ top
Latest developments: Israel struck targets across southern Lebanon overnight and Iran fired warning shots in the Strait of Hormuz, prompting Tehran to push back the U.S.-Iran nuclear talks in Switzerland—Vice President JD Vance's fueled plane never left—before Israel and Hezbollah agreed Friday to renew their ceasefire and oil eased on hopes the wider accord survives.
The United States and Iran are negotiating a 60-day interim deal to end their war, reopen the Strait of Hormuz, and release $6 billion in Iranian funds frozen in Qatar; renewed fighting in Lebanon now threatens that timetable and keeps Gulf oil shipping on edge.
Sources: WSJ World News · WSJ World News · ↑ top
Juneteenth: Slight Chance Rain Showers, high 78F.
Tonight: Mostly Clear, low 58F.
Saturday: Mostly Sunny then Slight Chance Showers And Thunderstorms, high 78F.
Latest developments: Lautrec, the French fine-dining room at the Nemacolin resort in Farmington, Fayette County, reopens this July with a reimagined menu and an evening rebuilt around course-by-course theatrical spectacle.
Nemacolin is relaunching its storied French restaurant Lautrec in July, reworking both the food and the choreography of its multi-course dinner service.
Sources: Pittsburgh Magazine · ↑ top
Latest developments: A one-time Heinz-family estate in Pittsburgh's Highland Park neighborhood has come on the market, TribLive reports.
A historic home tied to the Heinz family is now listed for sale in Highland Park, on Pittsburgh's east end.
Latest developments: The City of Pittsburgh and Reading Ready Pittsburgh announced Thursday they are expanding Dolly Parton's Imagination Library, unveiling the growth at the Phillips Recreation Center in Carrick.
Dolly Parton's Imagination Library mails a free book each month to enrolled children from birth to age five; the expansion widens local enrollment through Reading Ready Pittsburgh.
Latest developments: With the Parkway East closure weeks away, PennDOT said the controlled blast that will demolish a bridge has been engineered so the detonation will not affect nearby homes.
PennDOT plans to fully close the Parkway East and bring down a bridge by controlled blast, part of the bridge work that will also shut Commercial Street beneath the highway.
Latest developments: The century-old Palace Theatre in downtown Greensburg is celebrating 100 years with a time capsule and a LeAnn Rimes concert.
Greensburg's Palace Theatre, in Westmoreland County, is staging a centennial celebration that includes a time capsule and a headlining performance by country singer LeAnn Rimes.
Latest developments: Punk band Winona Fighter, fronted by Coco Kinnon, brings the idobi Radio Summer School tour to the Roxian Theatre in McKees Rocks.
Winona Fighter, with new music in hand, headlines a stop on the idobi Radio Summer School tour at the Roxian Theatre in McKees Rocks.
Pirates (38-37)
Up Next · Pirates @ Rockies · Fri Jun 19, 8:40 PM
Latest developments: The Post-Gazette's Gerry Dulac writes the Steelers are unlikely to bid on quarterback Brendan Sorsby in the NFL's supplemental draft, pointing to the gambling matter that pushed him there.
Brendan Sorsby, a college quarterback entering the league through the supplemental draft after a gambling issue, holds little appeal for a Steelers quarterback room coach Mike McCarthy is still sorting.
Sources: Post-Gazette Steelers · Post-Gazette Steelers · ↑ top
Latest developments: A Post-Gazette feature traces how Steelers rookie safety Robert Spears-Jennings reshaped his draft stock with a 4.32-second 40-yard dash at the NFL combine.
Robert Spears-Jennings, a rookie safety for the Steelers, turned a blazing 4.32-second 40 at the combine into a higher draft trajectory.
Sources: Post-Gazette Steelers · ↑ top
Latest developments: On the June 17 SNR Drive, Matt Williamson and Wes Uhler assembled a team of the best Steelers who never reached the Hall of Fame and broke down running back Jaylen Warren's game.
The Steelers' SNR Drive podcast, hosted by Matt Williamson and Wes Uhler, picked top Steelers left out of Canton across offense and defense and analyzed current back Jaylen Warren.
Sources: Pittsburgh Steelers (YouTube) · ↑ top
S&P 500 7,483.56 ▲ +1.6% Dow 51,586.04 ▲ +1.8% Nasdaq 26,297.74 ▲ +2.5% WTI crude 79.01 ▼ -11.8% EUR/USD 1.1578 ▲ +0.3% GBP/USD 1.3401 ▲ +0.3% USD/JPY 160.27 = -0.0%