================================================================ INFOSECFOLLOW -- security, markets, business, pittsburgh Monday, June 22, 2026 - 6:05 AM EDT ================================================================ The Klue token theft keeps cascading through its customers, now dragging HackerOne, Recorded Future, Snyk, Tanium, and other security vendors into the breach. CONTENTS: Emerging Trends and Key Updates | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets EMERGING TRENDS AND KEY UPDATES ---------------------------------------------------------------- * [TREND] INTERPOL's new Asia-Pacific threat assessment, fresh World Cup ticket scams, and Israeli deepfake face-swap thefts show generative AI sharpening fraud faster than victims can react. see: AI Supercharges Phishing and Identity Fraud * [TREND] The Klue OAuth token theft keeps climbing the supply chain, now hitting HackerOne, Snyk, and Tanium and proving security vendors face the same cascade as Recorded Future. see: Klue Breach Spreads to Security Vendors * [TREND] Manifold Security flagged 23 ClawHub plugins squatting official publisher scopes while researchers found 282 iOS apps spilling exploitable LLM keys, showing the AI rush leaves credentials exposed. see: AI Plugins and Apps Leak Credentials * [TREND] QiAnXin's XLab tied the AryStinger router botnet to pre-intrusion reconnaissance just as Canada's CSIS used new warrant powers to clean botnet-infected routers and IoT gear. see: AryStinger Router Botnet; Canada's CSIS Cleans Botnet-Infected Devices * [UPDATE (new)] Fortinet published its own response to the FortiBleed campaign, confirming attackers assembled a database of more than 86,000 verified working credentials. see: Fortinet Responds to FortiBleed Campaign * [UPDATE (new)] Keir Starmer announced he will leave Downing Street within weeks just as Beijing imposed fresh rare-earth export controls on dozens of U.S. firms. see: Starmer Resigns as U.K. Prime Minister; China Restricts Rare-Earth Trade With U.S. Firms SECURITY ---------------------------------------------------------------- 1. AI SUPERCHARGES PHISHING AND IDENTITY FRAUD Fraud and Scams · [phishing, scam, deepfake] Latest developments: INTERPOL's 2025/2026 Asia and South Pacific assessment names phishing the region's most widespread threat, Israeli investigators tie AI-generated face-swap videos to identity theft, and Wired details cloned-site World Cup scams. Generative AI now powers convincing phishing, fake ticket sites, and deepfake impersonation across fraud campaigns worldwide; users should verify sellers and account alerts through official channels before paying or clicking. - The Hacker News: https://thehackernews.com/2026/06/interpol-warns-phishing-ransomware-and.html - Wired Security: https://www.wired.com/story/world-cup-scams-are-getting-harder-to-spot/ - Frank on Fraud: https://frankonfraud.com/he-used-ai-to-wear-other-peoples-faces-and-agents-to-help-him/ 2. AI PLUGINS AND APPS LEAK CREDENTIALS AI Security · [ai, credentials, supply-chain] Latest developments: Manifold Security's Ax Sharma found 23 code-executing plugins squatting ClawHub's official @openclaw and @clawhub scopes, while Wake Forest University researchers found 282 of 444 AI-powered iOS apps exposing exploitable LLM credentials or backend access. AI agent registries and mobile apps ship with weak controls over who publishes packages and how API keys travel, letting attackers run code or steal model-provider credentials; developers should reserve official scopes and proxy keys server-side. - Help Net Security: https://www.helpnetsecurity.com/2026/06/22/clawhub-code-executing-plugins-video/ - Help Net Security: https://www.helpnetsecurity.com/2026/06/22/llm-api-credential-leakage-ios-apps/ 3. ARYSTINGER ROUTER BOTNET Ransomware and Cybercrime · [botnet, iot] Latest developments: QiAnXin's XLab attributed the botnet and counts at least 4,300 infected routers and rising, framing AryStinger as a pre-intrusion reconnaissance and proxy network rather than the usual DDoS tool. AryStinger compromises outdated home routers, many of them D-Link models, and turns them into proxies that scout targets before a break-in; owners of legacy routers should patch firmware or replace unsupported hardware. - The Hacker News: https://thehackernews.com/2026/06/arystinger-malware-infects-4300-legacy.html - BleepingComputer: https://www.bleepingcomputer.com/news/security/arystinger-botnet-infected-thousands-of-d-link-routers-worldwide/ 4. KLUE BREACH SPREADS TO SECURITY VENDORS Data Breaches · [breach, supply-chain] Latest developments: HackerOne, Huntress, Jamf, OneTrust, Snyk, and Tanium disclosed Klue exposure, widening a confirmed victim roster that already named Recorded Future. Attackers stole OAuth tokens from sales-intelligence vendor Klue and used them to reach customers' connected Salesforce environments; affected companies should revoke the tokens and audit Salesforce access. - SecurityWeek: https://www.securityweek.com/more-cybersecurity-firms-disclose-impact-from-klue-hack/ 5. FORTINET RESPONDS TO FORTIBLEED CAMPAIGN Vulnerabilities and Exploits · [patch, credentials] Latest developments: Fortinet published its own response to FortiBleed, confirming the campaign assembled a database of more than 86,000 verified working credentials. FortiBleed harvested login credentials from tens of thousands of internet-facing FortiGate firewalls and VPN gateways; operators should rotate credentials and harden exposed devices. - SecurityWeek: https://www.securityweek.com/fortinet-responds-to-fortibleed-campaign/ 6. CANADA'S CSIS CLEANS BOTNET-INFECTED DEVICES Ransomware and Cybercrime · [botnet, policy] Latest developments: The Federal Court released a public version of its ruling on June 15 showing the Canadian Security Intelligence Service used threat reduction warrant powers for the first time to reach into infected servers, home routers, and IoT gear on Canadian soil and neutralize two foreign-run botnets. A Canadian judge let CSIS alter compromised devices inside the country to dismantle botnets run from abroad, the agency's first use of that authority for active cleanup. - The Hacker News: https://thehackernews.com/2026/06/canadas-spy-agency-used-first-of-its.html BUSINESS AND POLITICS ---------------------------------------------------------------- * Starmer Resigns as U.K. Prime Minister Latest developments: Keir Starmer made it official Monday, June 22, announcing he will leave Downing Street within weeks and clearing the path for Andy Burnham to become Britain's seventh prime minister in a decade. Keir Starmer, who led Labour to a landslide in 2024, quit after a backbench rebellion, pushing Britain into its sixth premier in seven years; U.K. gilt yields edged higher and sterling weakened on fiscal uncertainty. - WSJ World News: https://www.wsj.com/world/uk/u-k-prime-minister-keir-starmer-quits-amid-rebellion-d5ede8d4 - FT World: https://www.ft.com/content/d586063a-bf52-4041-adc0-3b357354df26 - WSJ Markets: https://www.wsj.com/finance/investing/jgb-yields-higher-amid-middle-east-uncertainty-ca344a8a?mod=rss_markets_main * China Restricts Rare-Earth Trade With U.S. Firms Latest developments: Beijing imposed fresh export controls Monday on dozens of U.S. companies, including rare-earth firms, retaliating after Washington expanded its list of military-linked Chinese companies. China curbed trading and rare-earth exports to dozens of American firms, escalating the tit-for-tat with Washington over critical-minerals supply that feeds defense and electronics manufacturing. - FT World: https://www.ft.com/content/a0f13f98-f8f6-4b51-83f2-5a614fe89b4c - WSJ World News: https://www.wsj.com/world/china/china-slaps-restrictions-on-dozens-of-u-s-companies-bd337a1c PITTSBURGH ---------------------------------------------------------------- Weather: Today: Showers And Thunderstorms then Showers And Thunderstorms Likely, high 78F. Tonight: Showers And Thunderstorms then Mostly Cloudy, low 59F. Tuesday: Mostly Sunny, high 78F. Business: * Buyer Surfaces for Century III Mall Latest developments: Steve Panko, a Chicago developer who founded Brightside CRE, said he wants to buy the shuttered Century III Mall site and will open redevelopment talks with West Mifflin borough soon. Century III Mall in West Mifflin, dead for years, may finally get redeveloped; Brightside CRE founder Steve Panko told PublicSource a plan could take shape in the 'imminent future.' - PublicSource: https://www.publicsource.org/century-iii-mall-redevelopment-could-begin-to-take-shape-soon/ * Gecko Robotics Pitches AI Against Labor Shortage Latest developments: The Post-Gazette profiled Pittsburgh's Gecko Robotics, which builds robots and artificial intelligence to inspect industrial infrastructure as a generation of skilled tradespeople nears retirement. Gecko Robotics, a Pittsburgh company, makes wall-climbing robots and AI software to inspect power plants, pipelines, and ships, framing the technology as a fix for the skilled-labor gap left by retiring workers. - Pittsburgh Post-Gazette: https://www.post-gazette.com/business/tech-news/2026/06/22/gecko-robotics-artificial-intelligence-workforce/stories/202606100056 Around town: * County Council Weighs Bigger Budget for Itself Latest developments: A year after raising property taxes 36%, Allegheny County Council members are weighing a proposal to expand their own benefits and lift the cap on the council budget. Allegheny County Council, which approved a 36% property-tax increase last year, could soon grant members more benefits and a larger operating budget, the Post-Gazette reported. - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/politics-local/2026/06/22/allegheny-county-council-budget-cap-benefits/stories/202606180064 * State Elder-Abuse Probe Kept Secret Latest developments: Records show Pennsylvania's elder-abuse watchdog ran an investigation that stayed secret while Governor Josh Shapiro's office claimed confidentiality to withhold the files. A Pennsylvania state watchdog kept an elder-abuse investigation under wraps, and Governor Josh Shapiro's office cited confidentiality in refusing to release records, the Post-Gazette found. - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/politics-state/2026/06/22/pennsylvania-elder-abuse-watchdog/stories/202606220006 * Strong El Nino May Be Forming Latest developments: Forecasters say a 'historically strong' El Nino could develop, and the Post-Gazette laid out what the pattern would mean for Pittsburgh's coming seasons. A potentially historic El Nino could shape temperature and precipitation across western Pennsylvania in the months ahead, the Post-Gazette reported. - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/weather-news/2026/06/22/pittsburgh-weather-el-nino/stories/202606180057 Events: * Pittsburgh Symphony's Summer of Movie Music Latest developments: The Pittsburgh Symphony Orchestra is building its summer season around film scores, the Post-Gazette reported. The Pittsburgh Symphony Orchestra devotes its summer programming to movie music, performing scores from the screen. - Post-Gazette Arts & Entertainment: https://www.post-gazette.com/ae/music/2026/06/22/pso-movie-music-pittsburgh-symphony-orchestra/stories/202606170061 SPORTS ---------------------------------------------------------------- Pirates (39-39) Sun Jun 21 · Pirates 8 · Rockies 6 · Final Gonzalez and Reynolds homer as the Pirates hold off the Rockies 8-6 https://plaintextsports.com/mlb/2026-06-21/pit-col Up Next · Mariners @ Pirates · Tue Jun 23, 6:40 PM https://plaintextsports.com/mlb/2026-06-23/sea-pit Around the Teams: * Pirates' Catching Plan After the Bart Trade Latest developments: A Post-Gazette mailbag laid out the Pirates' catching plan now that Joey Bart is gone, pointing to Henry Davis, and weighed whether Marcell Ozuna returns. With catcher Joey Bart dealt to Atlanta, the Post-Gazette's mailbag identified Henry Davis as central to the Pirates' plan behind the plate and questioned Marcell Ozuna's future with the club. - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/19/mlb-trade-bart-stratton-henry-davis-marcell-ozuna/stories/202606190033 * Brandon Lowe on Fatherhood Latest developments: The Post-Gazette profiled Pirates infielder Brandon Lowe, who described his battle with infertility and IVF as he marked Father's Day. Pirates second baseman Brandon Lowe told the Post-Gazette that fatherhood, reached after infertility and IVF treatment, is 'the greatest gift.' - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/21/brandon-lowe-kids-infertility-ivf-fathers-day-mlb/stories/202606210057 Team USA: * USMNT Faces Rotation Choice vs. Türkiye Latest developments: Having clinched a place in the round of 32, the U.S. men's national team must decide whether to rotate or keep its same starting XI for the final Group D match against Türkiye. The U.S. men's national team, already through to the World Cup knockouts after topping Group D as a co-host, weighs resting starters against staying consistent in its group finale versus Türkiye. - ESPN Soccer: https://www.espn.com/soccer/story/_/id/49140112/usmnt-faces-world-cup-dilemma-vs-turkiye-rotate-squad-keep-same-xi * Alex Freeman's NFL Bloodlines Latest developments: ESPN profiled USMNT defender Alex Freeman, son of former Green Bay Packers Pro Bowl receiver Antonio Freeman, on reaching his first World Cup. Alex Freeman, the U.S. right back and son of Packers Pro Bowl receiver Antonio Freeman, leaned on his father's professional-sports experience to chase his World Cup dream, ESPN reported. - ESPN Soccer: https://www.espn.com/soccer/story/_/id/49003063/how-alex-freeman-pro-bowl-dad-green-bay-packers-antonio-freeman-helped-world-cup-dream-usmnt READING ---------------------------------------------------------------- * Cal Newport -- Dear AI Companies: Stop the "Doom Trolling" Newport argues that AI companies undercut their own credibility by issuing alarmist warnings about the dangers of their products, a tactic he likens to a carmaker fretting publicly over its bestselling truck. https://calnewport.com/dear-ai-companies-stop-the-doom-trolling/ * Stratechery -- Apple Price Increases, Apple Intelligence and the E.U. Ben Thompson reads Apple's first real price increases alongside its decision to withhold Apple Intelligence Siri features from the European Union, tying both to regulatory and competitive pressure. https://stratechery.com/2026/apple-price-increases-apple-intelligence-and-the-e-u/ * Ed Zitron -- Premium: The Silicon Valley Bubble (Part 2) Zitron extends his case that Silicon Valley sits atop a bubble, building on his reporting that OpenAI spent $34 billion to generate roughly $13 billion in revenue. https://www.wheresyoured.at/premium-the-silicon-valley-bubble-part-2/ MARKETS (weekly average, change vs prior week) ---------------------------------------------------------------- S&P 500 7,483.56 ▲ +1.6% Dow 51,586.04 ▲ +1.8% Nasdaq 26,297.74 ▲ +2.5% WTI crude 79.01 ▼ -11.8% EUR/USD 1.1555 ▲ +0.1% GBP/USD 1.3359 = -0.0% USD/JPY 160.50 ▲ +0.1% ================================================================ Generated 2026-06-22 06:05 EDT. Sources: 24 security feeds; 9 Pittsburgh feeds; 4 Pittsburgh arts and events feeds; 6 Pittsburgh sports beat and podcast feeds; 4 Team USA feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport. Markets from Yahoo Finance, weather from the NWS, scores from ESPN. Summaries are AI-generated from the linked reporting; verify at the sources. ================================================================