infosecfollow

daily plain-text briefing: security, markets, business, and pittsburgh

The Klue token theft keeps cascading through its customers, now dragging HackerOne, Recorded Future, Snyk, Tanium, and other security vendors into the breach.

Emerging Trends and Key Updates

Trend INTERPOL's new Asia-Pacific threat assessment, fresh World Cup ticket scams, and Israeli deepfake face-swap thefts show generative AI sharpening fraud faster than victims can react.
Trend The Klue OAuth token theft keeps climbing the supply chain, now hitting HackerOne, Snyk, and Tanium and proving security vendors face the same cascade as Recorded Future.
Trend Manifold Security flagged 23 ClawHub plugins squatting official publisher scopes while researchers found 282 iOS apps spilling exploitable LLM keys, showing the AI rush leaves credentials exposed.
Trend QiAnXin's XLab tied the AryStinger router botnet to pre-intrusion reconnaissance just as Canada's CSIS used new warrant powers to clean botnet-infected routers and IoT gear.
Update · new Fortinet published its own response to the FortiBleed campaign, confirming attackers assembled a database of more than 86,000 verified working credentials.
Update · new Keir Starmer announced he will leave Downing Street within weeks just as Beijing imposed fresh rare-earth export controls on dozens of U.S. firms.

Security

1. AI Supercharges Phishing and Identity Fraud

Fraud and Scams · [phishing, scam, deepfake]

Latest developments: INTERPOL's 2025/2026 Asia and South Pacific assessment names phishing the region's most widespread threat, Israeli investigators tie AI-generated face-swap videos to identity theft, and Wired details cloned-site World Cup scams.

Generative AI now powers convincing phishing, fake ticket sites, and deepfake impersonation across fraud campaigns worldwide; users should verify sellers and account alerts through official channels before paying or clicking.

Sources: The Hacker News · Wired Security · Frank on Fraud · ↑ top

2. AI Plugins and Apps Leak Credentials

AI Security · [ai, credentials, supply-chain]

Latest developments: Manifold Security's Ax Sharma found 23 code-executing plugins squatting ClawHub's official @openclaw and @clawhub scopes, while Wake Forest University researchers found 282 of 444 AI-powered iOS apps exposing exploitable LLM credentials or backend access.

AI agent registries and mobile apps ship with weak controls over who publishes packages and how API keys travel, letting attackers run code or steal model-provider credentials; developers should reserve official scopes and proxy keys server-side.

Sources: Help Net Security · Help Net Security · ↑ top

3. AryStinger Router Botnet

Ransomware and Cybercrime · [botnet, iot]

Latest developments: QiAnXin's XLab attributed the botnet and counts at least 4,300 infected routers and rising, framing AryStinger as a pre-intrusion reconnaissance and proxy network rather than the usual DDoS tool.

AryStinger compromises outdated home routers, many of them D-Link models, and turns them into proxies that scout targets before a break-in; owners of legacy routers should patch firmware or replace unsupported hardware.

Sources: The Hacker News · BleepingComputer · ↑ top

4. Klue Breach Spreads to Security Vendors

Data Breaches · [breach, supply-chain]

Latest developments: HackerOne, Huntress, Jamf, OneTrust, Snyk, and Tanium disclosed Klue exposure, widening a confirmed victim roster that already named Recorded Future.

Attackers stole OAuth tokens from sales-intelligence vendor Klue and used them to reach customers' connected Salesforce environments; affected companies should revoke the tokens and audit Salesforce access.

Sources: SecurityWeek · ↑ top

5. Fortinet Responds to FortiBleed Campaign

Vulnerabilities and Exploits · [patch, credentials]

Latest developments: Fortinet published its own response to FortiBleed, confirming the campaign assembled a database of more than 86,000 verified working credentials.

FortiBleed harvested login credentials from tens of thousands of internet-facing FortiGate firewalls and VPN gateways; operators should rotate credentials and harden exposed devices.

Sources: SecurityWeek · ↑ top

6. Canada's CSIS Cleans Botnet-Infected Devices

Ransomware and Cybercrime · [botnet, policy]

Latest developments: The Federal Court released a public version of its ruling on June 15 showing the Canadian Security Intelligence Service used threat reduction warrant powers for the first time to reach into infected servers, home routers, and IoT gear on Canadian soil and neutralize two foreign-run botnets.

A Canadian judge let CSIS alter compromised devices inside the country to dismantle botnets run from abroad, the agency's first use of that authority for active cleanup.

Sources: The Hacker News · ↑ top

Business and Politics

Starmer Resigns as U.K. Prime Minister

Latest developments: Keir Starmer made it official Monday, June 22, announcing he will leave Downing Street within weeks and clearing the path for Andy Burnham to become Britain's seventh prime minister in a decade.

Keir Starmer, who led Labour to a landslide in 2024, quit after a backbench rebellion, pushing Britain into its sixth premier in seven years; U.K. gilt yields edged higher and sterling weakened on fiscal uncertainty.

Sources: WSJ World News · FT World · WSJ Markets · ↑ top

China Restricts Rare-Earth Trade With U.S. Firms

Latest developments: Beijing imposed fresh export controls Monday on dozens of U.S. companies, including rare-earth firms, retaliating after Washington expanded its list of military-linked Chinese companies.

China curbed trading and rare-earth exports to dozens of American firms, escalating the tit-for-tat with Washington over critical-minerals supply that feeds defense and electronics manufacturing.

Sources: FT World · WSJ World News · ↑ top

Pittsburgh

Weather

Today: Showers And Thunderstorms then Showers And Thunderstorms Likely, high 78F.

Tonight: Showers And Thunderstorms then Mostly Cloudy, low 59F.

Tuesday: Mostly Sunny, high 78F.

Business

Buyer Surfaces for Century III Mall

Latest developments: Steve Panko, a Chicago developer who founded Brightside CRE, said he wants to buy the shuttered Century III Mall site and will open redevelopment talks with West Mifflin borough soon.

Century III Mall in West Mifflin, dead for years, may finally get redeveloped; Brightside CRE founder Steve Panko told PublicSource a plan could take shape in the 'imminent future.'

Sources: PublicSource · ↑ top

Gecko Robotics Pitches AI Against Labor Shortage

Latest developments: The Post-Gazette profiled Pittsburgh's Gecko Robotics, which builds robots and artificial intelligence to inspect industrial infrastructure as a generation of skilled tradespeople nears retirement.

Gecko Robotics, a Pittsburgh company, makes wall-climbing robots and AI software to inspect power plants, pipelines, and ships, framing the technology as a fix for the skilled-labor gap left by retiring workers.

Sources: Pittsburgh Post-Gazette · ↑ top

Around Town

County Council Weighs Bigger Budget for Itself

Latest developments: A year after raising property taxes 36%, Allegheny County Council members are weighing a proposal to expand their own benefits and lift the cap on the council budget.

Allegheny County Council, which approved a 36% property-tax increase last year, could soon grant members more benefits and a larger operating budget, the Post-Gazette reported.

Sources: Pittsburgh Post-Gazette · ↑ top

State Elder-Abuse Probe Kept Secret

Latest developments: Records show Pennsylvania's elder-abuse watchdog ran an investigation that stayed secret while Governor Josh Shapiro's office claimed confidentiality to withhold the files.

A Pennsylvania state watchdog kept an elder-abuse investigation under wraps, and Governor Josh Shapiro's office cited confidentiality in refusing to release records, the Post-Gazette found.

Sources: Pittsburgh Post-Gazette · ↑ top

Strong El Nino May Be Forming

Latest developments: Forecasters say a 'historically strong' El Nino could develop, and the Post-Gazette laid out what the pattern would mean for Pittsburgh's coming seasons.

A potentially historic El Nino could shape temperature and precipitation across western Pennsylvania in the months ahead, the Post-Gazette reported.

Sources: Pittsburgh Post-Gazette · ↑ top

Events

Pittsburgh Symphony's Summer of Movie Music

Latest developments: The Pittsburgh Symphony Orchestra is building its summer season around film scores, the Post-Gazette reported.

The Pittsburgh Symphony Orchestra devotes its summer programming to movie music, performing scores from the screen.

Sources: Post-Gazette Arts & Entertainment · ↑ top

Sports

Pirates (39-39)

Sun Jun 21 · Pirates 8 · Rockies 6 · Final

Gonzalez and Reynolds homer as the Pirates hold off the Rockies 8-6

Up Next · Mariners @ Pirates · Tue Jun 23, 6:40 PM

Around the Teams

Pirates' Catching Plan After the Bart Trade

Latest developments: A Post-Gazette mailbag laid out the Pirates' catching plan now that Joey Bart is gone, pointing to Henry Davis, and weighed whether Marcell Ozuna returns.

With catcher Joey Bart dealt to Atlanta, the Post-Gazette's mailbag identified Henry Davis as central to the Pirates' plan behind the plate and questioned Marcell Ozuna's future with the club.

Sources: Post-Gazette Pirates · ↑ top

Brandon Lowe on Fatherhood

Latest developments: The Post-Gazette profiled Pirates infielder Brandon Lowe, who described his battle with infertility and IVF as he marked Father's Day.

Pirates second baseman Brandon Lowe told the Post-Gazette that fatherhood, reached after infertility and IVF treatment, is 'the greatest gift.'

Sources: Post-Gazette Pirates · ↑ top

Team USA

USMNT Faces Rotation Choice vs. Türkiye

Latest developments: Having clinched a place in the round of 32, the U.S. men's national team must decide whether to rotate or keep its same starting XI for the final Group D match against Türkiye.

The U.S. men's national team, already through to the World Cup knockouts after topping Group D as a co-host, weighs resting starters against staying consistent in its group finale versus Türkiye.

Sources: ESPN Soccer · ↑ top

Alex Freeman's NFL Bloodlines

Latest developments: ESPN profiled USMNT defender Alex Freeman, son of former Green Bay Packers Pro Bowl receiver Antonio Freeman, on reaching his first World Cup.

Alex Freeman, the U.S. right back and son of Packers Pro Bowl receiver Antonio Freeman, leaned on his father's professional-sports experience to chase his World Cup dream, ESPN reported.

Sources: ESPN Soccer · ↑ top

Reading

Cal Newport — Dear AI Companies: Stop the "Doom Trolling". Newport argues that AI companies undercut their own credibility by issuing alarmist warnings about the dangers of their products, a tactic he likens to a carmaker fretting publicly over its bestselling truck.
Stratechery — Apple Price Increases, Apple Intelligence and the E.U.. Ben Thompson reads Apple's first real price increases alongside its decision to withhold Apple Intelligence Siri features from the European Union, tying both to regulatory and competitive pressure.
Ed Zitron — Premium: The Silicon Valley Bubble (Part 2). Zitron extends his case that Silicon Valley sits atop a bubble, building on his reporting that OpenAI spent $34 billion to generate roughly $13 billion in revenue.

Markets

weekly average, change vs prior week

S&P 500     7,483.56  ▲ +1.6%
Dow        51,586.04  ▲ +1.8%
Nasdaq     26,297.74  ▲ +2.5%
WTI crude      79.01  ▼ -11.8%
EUR/USD       1.1555  ▲ +0.1%
GBP/USD       1.3359  = -0.0%
USD/JPY       160.50  ▲ +0.1%