================================================================ INFOSECFOLLOW -- security, markets, business, pittsburgh Monday, June 22, 2026 - 12:05 PM EDT ================================================================ An AI-assisted hunt unearths Squidbleed, a 29-year-old Squid proxy flaw, the same day stolen Klue OAuth tokens spread to HackerOne, Recorded Future, Snyk, and Tanium. CONTENTS: Emerging Trends and Key Updates | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets EMERGING TRENDS AND KEY UPDATES ---------------------------------------------------------------- * [TREND] Researchers turned Claude Mythos Preview loose on aging code to surface Squidbleed, a 29-year-old heap over-read buried in Squid proxy's FTP parsing since 1997. see: Squidbleed Exposes 29-Year-Old Squid Proxy Flaw * [TREND] The rush to wire AI into software keeps leaking secrets, from ClawHub plugins squatting official scopes to iOS apps exposing credentials, AI face-swap fraud and World Cup scams. see: AI Agent Plugins and Apps Spill Secrets; AI Sharpens Identity Fraud and World Cup Scams * [UPDATE (new)] SecurityWeek tied seven more firms—including HackerOne, Recorded Future, Snyk, and Tanium—to the Klue OAuth-token theft, showing how far stolen tokens travel. see: Klue Hack Pulls In Seven More Security Firms * [UPDATE (new)] Elastic Security Labs disclosed OXLOADER, a loader buying malicious Google Ads to drop the CastleStealer infostealer for a Russian-speaking, financially motivated crew. see: OXLOADER Delivers CastleStealer Through Google Ads * [UPDATE (new)] Canada's CSIS used a threat-reduction warrant for the first time to reach into infected servers, routers, and IoT gear and clean botnets. see: Canada's CSIS Cleans Botnets Under Novel Warrant SECURITY ---------------------------------------------------------------- 1. SQUIDBLEED EXPOSES 29-YEAR-OLD SQUID PROXY FLAW Vulnerabilities and Exploits · [vulnerability, patch, ai] Latest developments: Researchers at Calif.io disclosed Squidbleed, a heap over-read tracing to a 1997 FTP-parsing change in the Squid web proxy that they surfaced with help from Claude Mythos Preview, and SecurityWeek likened it to Heartbleed. The over-read leaks another user's cleartext HTTP request, including credentials or session tokens, to anyone the proxy already permits, and it survives in Squid's default configuration. Operators running Squid should patch at once. - The Hacker News: https://thehackernews.com/2026/06/29-year-old-squid-proxy-bug-squidbleed.html - SecurityWeek: https://www.securityweek.com/decades-old-squid-proxy-flaw-squidbleed-can-expose-user-data/ 2. AI AGENT PLUGINS AND APPS SPILL SECRETS AI Security · [ai, supply-chain] Latest developments: Manifold Security's Ax Sharma found 23 code-executing plugins squatting ClawHub's official @openclaw and @clawhub scopes, and Wake Forest University researchers found 282 of 444 AI-powered iOS apps exposing exploitable LLM credentials or backend access. AI plugin registries and mobile apps hand attackers both running code and stolen keys: ClawHub failed to reserve its official scopes, and hundreds of iOS apps embed LLM API credentials an interceptor can lift. Developers should pin trusted publishers and move secrets server-side. - Help Net Security: https://www.helpnetsecurity.com/2026/06/22/clawhub-code-executing-plugins-video/ - Help Net Security: https://www.helpnetsecurity.com/2026/06/22/llm-api-credential-leakage-ios-apps/ 3. AI SHARPENS IDENTITY FRAUD AND WORLD CUP SCAMS Fraud and Scams · [fraud, ai, deepfake] Latest developments: Israeli investigators described a fraudster who used AI to generate face-swap videos impersonating victims and draining their money, and Wired reported AI magnifying World Cup ticket and cloned-website scams ahead of the tournament. Generative AI now produces convincing face-swap clips and fake event sites at scale, raising the bar for spotting fraud. Consumers should verify ticket sellers and treat unexpected video proof with suspicion. - Frank on Fraud: https://frankonfraud.com/he-used-ai-to-wear-other-peoples-faces-and-agents-to-help-him/ - Wired Security: https://www.wired.com/story/world-cup-scams-are-getting-harder-to-spot/ 4. KLUE HACK PULLS IN SEVEN MORE SECURITY FIRMS Data Breaches · [breach, supply-chain] Latest developments: SecurityWeek named seven more victims—HackerOne, Huntress, Jamf, OneTrust, Recorded Future, Snyk, and Tanium—widening the fallout from the Klue OAuth-token theft. Sales-intelligence vendor Klue lost OAuth tokens that linked to customers' Salesforce environments, and the latest disclosures pull a roster of major security firms into the blast radius. Affected customers should revoke tokens and audit Salesforce activity. - SecurityWeek: https://www.securityweek.com/more-cybersecurity-firms-disclose-impact-from-klue-hack/ 5. OXLOADER DELIVERS CASTLESTEALER THROUGH GOOGLE ADS Ransomware and Cybercrime · [malware, infostealer] Latest developments: Elastic Security Labs disclosed OXLOADER, a previously unreported loader that buys malicious Google Ads to deliver the CastleStealer infostealer, tying the operator to a Russian-speaking, financially motivated crew. OXLOADER starts from poisoned search ads, then drops CastleStealer to harvest data from infected machines. Defenders should block malvertising and scrutinize software downloaded through ad clicks. - The Hacker News: https://thehackernews.com/2026/06/new-oxloader-loader-uses-malicious.html 6. CANADA'S CSIS CLEANS BOTNETS UNDER NOVEL WARRANT Ransomware and Cybercrime · [botnet, policy, law-enforcement] Latest developments: The Federal Court released on June 15 a public version of a ruling showing the Canadian Security Intelligence Service used a threat reduction warrant for the first time to reach into infected Canadian servers, home routers, and IoT gear and neutralize two foreign-run botnets. A judge let CSIS alter compromised devices on Canadian soil to dismantle the botnets, the first use of these warrant powers for that purpose. The ruling sets a precedent for intelligence agencies remediating infections directly. - The Hacker News: https://thehackernews.com/2026/06/canadas-spy-agency-used-first-of-its.html BUSINESS AND POLITICS ---------------------------------------------------------------- * Starmer Resigns as UK Prime Minister Latest developments: Keir Starmer announced Monday he will leave Downing Street within weeks, ending the speculation reported earlier, with Health Secretary Wes Streeting backing former Manchester mayor Andy Burnham to succeed him. Starmer quit as Labour leader and prime minister roughly two years after a landslide win, undone by a rebellion after May's local-election rout; Britain now heads for its sixth prime minister in seven years, and sterling and gilts steadied after the announcement. - WSJ World News: https://www.wsj.com/world/uk/u-k-prime-minister-keir-starmer-quits-amid-rebellion-d5ede8d4 - FT World: https://www.ft.com/content/71001d5b-4567-4ac3-b4ec-355fa89efaf6 * Iran Agrees to Readmit Nuclear Inspectors Latest developments: Vice President JD Vance said Monday that Iran agreed to invite International Atomic Energy Agency inspectors back in, calling it a 'major milestone' as the Switzerland talks continued. U.S. and Iranian negotiators in Switzerland worked toward a permanent deal to end a four-month conflict; oil eased and over 400 tankers wait near the Strait of Hormuz, where transit is creeping back but could take weeks to reach half of prewar levels. - WSJ World News: https://www.wsj.com/world/middle-east/vance-says-iran-agreed-to-allow-nuclear-inspectors-back-in-209db17c - FT Markets: https://www.ft.com/content/9df718a9-8ee3-4d8b-a9ff-a29263d35a88 PITTSBURGH ---------------------------------------------------------------- Weather: This Afternoon: Showers And Thunderstorms Likely, high 78F. Tonight: Showers And Thunderstorms Likely then Mostly Cloudy, low 59F. Tuesday: Mostly Sunny, high 78F. Business: * PNC Closes $251 Million Affordable-Housing Fund Latest developments: PNC Bank announced Monday it closed a $251.4 million fund to develop and preserve affordable rental housing across several states. The Pittsburgh-based bank's fund targets construction and preservation of affordable rental units nationwide, channeling institutional capital into a housing supply squeeze. - WPXI: https://www.wpxi.com/news/local/pnc-bank-closes-251-million-fund-develop-affordable-housing-across-multiple-states/XEARBCUFQZA5LOJOXTWHEAHWJU/ * Pittsburgh Pitches Itself as Defense-Tech Hub Latest developments: The Army AI Integration Center showcased military robotics and artificial intelligence at Carnegie Mellon University's Robotics, AI and Autonomy Forum. Carnegie Mellon, a longtime Army partner, hosted the forum to position Pittsburgh as a center for defense robotics and AI and to identify the military's critical needs. - WPXI: https://www.wpxi.com/news/local/pittsburgh-positions-itself-defense-tech-hub-cmu-robotics-forum/BJRH3NTODVG4RGISUELK6FE34Y/ * Pitt and JMI Sports Launch H2PNIL Platform Latest developments: Pitt Athletics and JMI Sports launched H2PNIL, a platform to drive name-image-likeness revenue and serve as a recruiting tool for coaches. The platform expands the existing Pitt-JMI partnership, aiming to grow NIL dollars for University of Pittsburgh athletes and sharpen the school's competitive recruiting pitch. - WPXI: https://www.wpxi.com/news/local/pitt-athletics-jmi-sports-launch-new-platform-elevate-nil-support/LABIXPI4E5DGLAAFH5GUDIOOXA/ Around town: * Parkway East Bridge to Come Down by Controlled Blast Latest developments: WTAE detailed the full timeline of PennDOT's demolition on the Interstate 376 Parkway East, with crews working before and after a controlled blast to drop the old span. PennDOT will use a controlled blast to bring down the aging bridge over the Parkway East, with demolition phases bracketing the explosion and affecting one of Pittsburgh's busiest commuter routes. - WTAE: https://www.wtae.com/article/pittsburgh-bridge-closure-parkway-east-demolition/71660722 * Tornado Threat Added to Monday Storms Latest developments: The severe-weather threat shifted northward over Pittsburgh, prompting a First Alert Weather Day with damaging winds and possible tornadoes Monday afternoon, June 22, beyond the soaking-rain forecast reported earlier. Forecasters warned of isolated heavy downpours, gusty thunderstorms, and a tornado risk across western Pennsylvania on Monday, with a renewed chance of storms returning Thursday. - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/weather-news/2026/06/22/pittsburgh-severe-weather-threat-wind-tornadoes/stories/202606220026 - WTAE: https://www.wtae.com/article/impact-day-periods-of-heavy-rain-for-western-pa/71658418 Events: * Pittsburgh Symphony's Summer of Movie Music Latest developments: The Post-Gazette previewed the Pittsburgh Symphony Orchestra's summer slate built around film scores. The Pittsburgh Symphony Orchestra is devoting its summer season to movie music, performing scores from the screen for Pittsburgh audiences. - Post-Gazette Music: https://www.post-gazette.com/ae/music/2026/06/22/pso-movie-music-pittsburgh-symphony-orchestra/stories/202606170061 SPORTS ---------------------------------------------------------------- Pirates (39-39) Sun Jun 21 · Pirates 8 · Rockies 6 · Final Gonzalez and Reynolds homer as the Pirates hold off the Rockies 8-6 https://plaintextsports.com/mlb/2026-06-21/pit-col Up Next · Mariners @ Pirates · Tue Jun 23, 6:40 PM https://plaintextsports.com/mlb/2026-06-23/sea-pit Around the Teams: * McCarthy Wants a 3-4 Defense in Pittsburgh Latest developments: The Post-Gazette reported that Mike McCarthy, who won a Super Bowl with a 3-4 defense, aims to build the Steelers' scheme in that mold under coordinator Patrick Graham. McCarthy pointed to the lineage of Bill Cowher, Dick LeBeau, and Dom Capers as he laid out a 3-4 vision for the Steelers' defense heading into 2026. - Post-Gazette Steelers: https://www.post-gazette.com/sports/steelers/2026/06/22/nfl-34defense-mccarthy-cowher-lebeau-capers-graham/stories/202606170048 * DK Metcalf's Year 2 Upside Latest developments: A Post-Gazette podcast weighed how much more receiver DK Metcalf can give the Steelers in his second season with the team. The discussion gauged Metcalf's ceiling in 2026 as the Steelers' top wideout after his first year in Pittsburgh. - Post-Gazette Steelers: https://www.post-gazette.com/sports/steelers/2026/06/22/nfl-news-rumors-podcast-dk-metcalf/stories/202606220030 * Pirates Prospect Wietgrefe Riding a Scoreless Streak Latest developments: The Post-Gazette's MiLB Monday highlighted pitching prospect Connor Wietgrefe's scoreless streak at Double-A Altoona. Wietgrefe has drawn notice in the Pirates' farm system with a run of shutout work at Altoona, one of several prospects the column tracked across the minor leagues. - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/22/milb-prospects-wietgrefe-murf-gray-stafura-brazoban-hernandez/stories/202606210084 Team USA: * USMNT Weighs Rotation Before Türkiye Finale Latest developments: With the U.S. men's national team already through to the knockout round, the question turned to whether coaches rotate the squad or keep the same starting eleven for the final Group D match against Türkiye. The USMNT clinched a place in the World Cup round of 32 as a co-host and now faces a lineup decision for its closing group game against Türkiye, balancing rest against momentum. - ESPN Soccer: https://www.espn.com/soccer/story/_/id/49140112/usmnt-faces-world-cup-dilemma-vs-turkiye-rotate-squad-keep-same-xi * Alex Freeman's Path to the USMNT Latest developments: ESPN detailed how Alex Freeman, son of former Green Bay Packers Pro Bowl receiver Antonio Freeman, reached the U.S. men's World Cup roster. Freeman, raised by an NFL father, carved his own route into the USMNT and is now playing in the 2026 World Cup on home soil. - ESPN Soccer: https://www.espn.com/soccer/story/_/id/49003063/how-alex-freeman-pro-bowl-dad-green-bay-packers-antonio-freeman-helped-world-cup-dream-usmnt READING ---------------------------------------------------------------- * Cal Newport -- Dear AI Companies: Stop the "Doom Trolling" Newport argues that AI companies undercut their own credibility by publicizing alarmist warnings about their products, likening it to a carmaker raising doom about its own bestselling vehicle. https://calnewport.com/dear-ai-companies-stop-the-doom-trolling/ * Stratechery -- Apple Price Increases, Apple Intelligence and the E.U. Ben Thompson examines Apple finally raising prices while withholding its Siri AI features from the European Union, tying the move to regulatory friction. https://stratechery.com/2026/apple-price-increases-apple-intelligence-and-the-e-u/ * Ed Zitron -- Premium: The Silicon Valley Bubble (Part 2) Zitron extends his case that Silicon Valley is in a bubble, drawing on OpenAI's audited financials showing $34 billion in spending against $13.07 billion in revenue. https://www.wheresyoured.at/premium-the-silicon-valley-bubble-part-2/ MARKETS (weekly average, change vs prior week) ---------------------------------------------------------------- S&P 500 7,483.56 ▲ +1.6% Dow 51,586.04 ▲ +1.8% Nasdaq 26,297.74 ▲ +2.5% WTI crude 79.01 ▼ -11.8% EUR/USD 1.1555 ▲ +0.1% GBP/USD 1.3359 = -0.0% USD/JPY 160.50 ▲ +0.1% ================================================================ Generated 2026-06-22 12:05 EDT. Sources: 24 security feeds; 9 Pittsburgh feeds; 4 Pittsburgh arts and events feeds; 6 Pittsburgh sports beat and podcast feeds; 4 Team USA feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport. Markets from Yahoo Finance, weather from the NWS, scores from ESPN. Summaries are AI-generated from the linked reporting; verify at the sources. ================================================================