daily plain-text briefing: security, markets, business, and pittsburgh
President Trump ordered federal agencies onto post-quantum cryptography by 2031, the same day a 29-year-old Squid proxy flaw surfaced leaking cleartext credentials and rival AI tools raced to out-hunt each other's bugs.
Latest developments: OpenAI expanded its Daybreak initiative with an improved GPT-5.5-Cyber and a Codex Security scanner to find and remediate flaws, the same day researchers showed an open-source model running their EVOHUNT playbook found real vulnerabilities at a higher rate than OpenAI's commercial Codex Security for about $1,400.
Daybreak combines OpenAI models, the Codex Security scan tool, researchers, and maintainers to discover, validate, and fix software bugs, including an open-source 'Patch the Planet' push that takes on Anthropic's Mythos. The EVOHUNT result suggests a cheap, model-agnostic playbook can rival pricier commercial offerings.
Sources: The Hacker News · Help Net Security · Help Net Security · Wired Security · ↑ top
Latest developments: Healthcare analytics firm Xsolis said attackers accessed personal and protected health information it received from clients, affecting 1.4 million individuals, while London, Ontario electric utility London Hydro disclosed that hackers stole customers' names, addresses, email addresses, phone numbers, and account information.
Two breaches hit a medical-data processor and a Canadian power utility, exposing health records and customer contact and account details. Affected individuals face heightened phishing and identity-theft risk and should watch statements and accounts.
Sources: SecurityWeek · SecurityWeek · ↑ top
Latest developments: Elastic Security Labs detailed OXLOADER, a previously unreported loader that likely Russian-speaking, financially motivated operators push through malicious Google Ads to deliver the CastleStealer info-stealer, while separately three malicious npm packages posing as PostCSS tools delivered a Windows remote-access trojan.
Two fresh campaigns funnel info-stealers and remote-access trojans through trusted entry points—paid search ads and the npm registry. Defenders should scrutinize ad-sourced downloads and audit recently added JavaScript dependencies such as postcss-minify-selector and aes-decode-runner-pro.
Sources: The Hacker News · The Hacker News · ↑ top
Latest developments: President Donald Trump signed an executive order requiring federal agencies to move high-value assets to post-quantum cryptography by the end of 2030 and high-impact systems by the end of 2031.
The order accelerates the federal migration off encryption that future quantum computers could break, steering agencies toward NIST-standardized algorithms. Agencies running the most sensitive systems must inventory vulnerable cryptography and transition first.
Sources: SecurityWeek · ↑ top
Latest developments: Spur Intelligence scanned 6,038 LG webOS and Samsung Tizen apps and found 2,058 carrying residential proxy software—42.5 percent of LG apps and 26.9 percent of Samsung apps—that routes strangers' internet traffic out through owners' home connections.
Screensaver, game, and slideshow apps on smart TVs quietly enroll living-room internet connections into residential proxy networks that criminals rent to mask malicious traffic. Owners gain nothing and bear the reputational and bandwidth cost of crime routed through their address.
Sources: Help Net Security · ↑ top
Latest developments: Calif.io disclosed Squidbleed, a heap over-read tracing to a 1997 FTP-parsing change that leaks another user's cleartext HTTP requests—credentials and session tokens included—to anyone the Squid proxy already allows in its default configuration.
Squidbleed is a Heartbleed-style data-exposure bug in the widely deployed Squid web proxy, surfaced with help from Claude Mythos Preview. Any organization running Squid in shared-proxy setups should patch immediately, since exploitation needs only permission to route traffic through the proxy.
Sources: The Hacker News · SecurityWeek · ↑ top
Latest developments: SpaceX shares tumbled more than 16% on June 23, erasing roughly $400 billion in market value and reversing the rally from its debut, while rising U.S. bond yields drove Nasdaq futures down more than 2% and dragged Asian and European markets lower.
A sell-off led by Elon Musk's SpaceX and other big technology stocks spread from Wall Street across global markets, lifting the dollar to a one-year high on safe-haven flows and bets on higher U.S. interest rates and pushing gold below $4,200 a troy ounce.
Sources: FT World · FT World · WSJ Markets · ↑ top
Latest developments: With Keir Starmer's resignation as Labour leader now in hand, some Labour MPs are weighing whether to back a rival to Greater Manchester mayor Andy Burnham, the favorite to become prime minister, though sceptics lack the numbers to stop him.
Starmer's exit opens a contest to lead Britain's governing party and the country, with Burnham the frontrunner; Brussels has postponed a planned July UK-EU summit on closer relations as it prepares for the prospect of a Burnham premiership.
Sources: FT World · FT World · ↑ top
Today: Mostly Sunny, high 79F.
Tonight: Mostly Clear, low 55F.
Wednesday: Sunny, high 81F.
Latest developments: Pittsburgh City Council is moving to tax skill-game terminals before Harrisburg acts, following the Pennsylvania Supreme Court ruling that classified the machines as slot machines.
Council members want a municipal levy on the gaming terminals that fill bars and corner stores across Pittsburgh, racing a state legislature that is weighing its own statewide taxation after the high court's June decision subjected skill games to gaming law.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: Pittsburgh-area gasoline prices began declining as the U.S.-Iran agreement calmed oil markets, though GasBuddy petroleum-analysis head Patrick De Haan said the local drop trails faster declines elsewhere in Pennsylvania and the country.
De Haan said the easing of tensions between Washington and Tehran is pulling pump prices down regionally, but Pittsburgh drivers are seeing slower relief than motorists in other parts of the state and nation.
Latest developments: Allegheny County is drafting a model zoning ordinance for sustainable data-center development as residents press the county for safeguards before developers arrive.
Residents worried about the noise, water, and electricity demands of data centers want county protections, but Allegheny County's reach is limited because zoning authority rests largely with individual municipalities.
Sources: PublicSource · ↑ top
Latest developments: A proposed merger of Mars borough and Adams Township in Butler County moved a step closer, with a municipal vote the next hurdle.
The two Butler County communities are exploring consolidation into a single municipality, a move that would reshape local government north of Pittsburgh.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: Pennsylvania's bipartisan election board is languishing because Governor Josh Shapiro has not appointed new members to fill it.
The vacancies leave the panel that helps oversee election administration unable to function as the state heads toward another election cycle.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: The Pittsburgh BBQ and Bands Festival runs Thursday, July 2, through Sunday, July 5, at the Monroeville Convention Center.
The four-day festival at the Monroeville Convention Center, 209 Mall Boulevard in Monroeville, pairs national award-winning rib and barbecue vendors with live music.
Sources: Pittsburgh City Paper · ↑ top
Latest developments: The Frick Pittsburgh is showing French Moderns, an exhibition of modernist painting that a City Paper review says resonates with today's changing world.
French Moderns at The Frick Pittsburgh in Point Breeze gathers works by Henri Matisse, Pierre-Auguste Renoir, Edgar Degas, and other modernist painters.
Sources: Pittsburgh City Paper · ↑ top
Latest developments: The Pittsburgh Symphony Orchestra has built its summer schedule around film scores performed live.
The orchestra is devoting the season to movie music, playing the soundtracks behind well-known films for Pittsburgh audiences.
Sources: Post-Gazette Music · ↑ top
Pirates (39-39)
Up Next · Mariners @ Pirates · Tue Jun 23, 6:40 PM
Latest developments: A Post-Gazette piece lays out Steelers coach Mike McCarthy's plan to rebuild the defense around the 3-4 front he rode to a Super Bowl title.
McCarthy, who won Super Bowl XLV with a 3-4 scheme, wants Pittsburgh to revive the front the franchise ran under Bill Cowher, Dick LeBeau, and Dom Capers, now in the hands of defensive coordinator Patrick Graham.
Sources: Post-Gazette Steelers · ↑ top
Latest developments: A Post-Gazette video weighs how much more receiver DK Metcalf can give the Steelers in his second season in Pittsburgh.
The discussion centers on Metcalf's room to grow as a No. 1 target after his first year with the team, now catching passes from quarterback Aaron Rodgers.
Sources: Post-Gazette Steelers · ↑ top
Latest developments: MiLB Monday spotlights Pirates pitching prospect Connor Wietgrefe and the scoreless streak he is building at Double-A Altoona.
The Post-Gazette's minor-league roundup highlights Wietgrefe's run of scoreless innings with the Altoona Curve as a development to watch in the Pirates' system.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: Having clinched a knockout-round place by topping Group D, the U.S. men's national team faces a choice between rotating its lineup and keeping the same starting eleven for its dead-rubber group finale against Türkiye.
Mauricio Pochettino's United States, a World Cup co-host, sealed first place in Group D with wins over Paraguay and Australia, draining the Türkiye match of stakes and opening a path for fringe players such as Alex Zendejas to make a first tournament appearance.
Sources: ESPN Soccer · ↑ top
S&P 500 7,491.82 ▲ +1.6% Dow 51,688.13 ▲ +1.9% Nasdaq 26,353.29 ▲ +2.6% WTI crude 77.00 ▼ -12.9% EUR/USD 1.1527 ▼ -0.3% GBP/USD 1.3311 ▼ -0.6% USD/JPY 160.79 ▲ +0.3%