daily plain-text briefing: security, markets, business, and pittsburgh
A Russian access broker's FortiBleed campaign has turned hundreds of thousands of FortiGate firewalls into credential sniffers that harvested 110 million logins, leading a day defined by attacks on trusted systems.
Latest developments: SOCRadar, Dark Reading, and SecurityWeek tied the operation to a Russian initial access broker whose Golang-based sniffer has targeted 430,000 FortiGate firewalls and identified 110 million credentials since February 2026, far beyond the roughly 86,000 figure reported earlier.
FortiBleed plants custom sniffers on compromised Fortinet FortiGate firewalls to siphon authentication secrets from organizations worldwide. Operators should rotate credentials and harden internet-facing devices.
Sources: Dark Reading · SecurityWeek · BleepingComputer
Latest developments: A hacker breached Brazil's Civil Defense Alert system early Saturday and pushed at least a dozen unauthorized warnings, including a message preaching misanthropy, to millions of phones.
Brazil's Civil Defense Alert platform exists to warn residents of floods, landslides, and other imminent threats. The false alerts erode public trust in a system that works only because people believe it.
Sources: The Record · Graham Cluley
Latest developments: Scattered Spider members Thalha Jubair, 20, of London and Owen Flowers, 18, of Walsall pleaded guilty to Computer Misuse Act offences over the 2024 Transport for London attack that cost £29 million, and U.S. prosecutors extradited 26-year-old Algerian Abdellah Belmili for running the Market0Day and Spoxy cybercrime marketplaces.
Scattered Spider is the English-speaking extortion crew tied to major 2024 intrusions. Jubair and Flowers face sentencing on July 16, while Belmili faces up to 30 years for the two marketplaces.
Sources: Help Net Security · SecurityWeek
Latest developments: SecurityWeek detailed a high-severity use-after-free flaw that sat in Samsung's KNOX security framework for eight years, exposing Galaxy phones from the S9 through the S25 to kernel-level attacks.
The bug lived in Samsung's core Android security framework, putting millions of Galaxy devices at risk of kernel compromise. Users should apply Samsung's security update.
Sources: SecurityWeek
Latest developments: Bruce Schneier reported that researchers bypassed the guardrails on Anthropic's Fable 5, the safety-tuned version of its Mythos Preview, within days of release, restoring the model's ability to help build cyberattacks.
Anthropic shipped Fable 5 as the constrained, export-friendly sibling of Mythos with controls against offensive use. The fast jailbreak shows such guardrails buy defenders little time.
Sources: Schneier on Security
Latest developments: Palo Alto Networks' Unit 42 published a universal bucket-hijacking technique that abuses the global uniqueness of storage names to redirect cloud data streams across the major providers.
Because storage bucket names are globally unique, an attacker who claims an abandoned name can intercept data meant for the original owner across major cloud providers. Teams should retire bucket references with care.
Sources: Unit 42 (Palo Alto)
Latest developments: The rout ran into a second day as the dollar climbed to a fresh one-year high on bets the Federal Reserve will raise rates, gold slid below $4,200 an ounce, and SpaceX extended its plunge.
Big technology shares led a global equity selloff, with SpaceX down more than 16% from its blockbuster debut and Nasdaq futures sliding, as rising U.S. bond yields and expectations of rate increases under Federal Reserve chair Kevin Warsh pushed the dollar to a one-year high against major currencies and dragged Asian and European markets lower.
Sources: FT World · WSJ Markets
Today: Mostly Sunny, high 79F.
Tonight: Mostly Clear, low 55F.
Wednesday: Sunny, high 81F.
Latest developments: The Post-Gazette reports the region's last independently owned 24-hour diner has gone, sending all-night customers across the state line to Ohio.
Dean's Diner, the longtime independently owned around-the-clock restaurant in Blairsville, Indiana County, has ended its 24-hour service, leaving Western Pennsylvania without an independently owned all-night diner.
Sources: Pittsburgh Post-Gazette
Latest developments: Northern Westmoreland Career and Technology Center in New Kensington is adding new equipment to train students for the data-center industry it expects to boom locally.
Northern Westmoreland Career and Technology Center in New Kensington is bringing in new equipment to prepare students for construction and operations jobs at the data centers projected to spread across the region.
Latest developments: Live Casino Pittsburgh is running table-games schools to train dealers for its gambling floor, with recruits like Elijah McBride learning to stack chips and run cards.
Live Casino Pittsburgh is holding table-games schools where trainees learn to deal blackjack and other games, building a pipeline of dealers for the casino floor.
Latest developments: The Hempfield Area School Board scheduled a vote next week on a $118.7 million budget carrying a 4.2% tax increase.
The Hempfield Area School Board in Westmoreland County votes next week on a $118.7 million spending plan for 2026-27 that would raise the average property-tax bill about $90 through a 4.2% increase.
Latest developments: A Post-Gazette review found some closed-door conferences of Penn State's board of trustees may run afoul of Pennsylvania's open-meetings law.
Some private conferences held by Penn State University's board of trustees potentially violate Pennsylvania's Sunshine Act, which requires public bodies to deliberate in the open, the Post-Gazette reported.
Sources: Pittsburgh Post-Gazette
Latest developments: The National Weather Service scheduled a Tuesday survey to confirm whether Monday's storms spun up a tornado in Fayette County.
The National Weather Service will send a team to Fayette County to determine whether a tornado touched down Monday, when storms felled trees and flooded roads across the area.
Latest developments: Point State Park downtown will close temporarily to stage the weekend America250PA concert headlined by rapper Nelly and the band Third Eye Blind.
Point State Park in downtown Pittsburgh closes this weekend to host the America250PA concert, with Nelly and Third Eye Blind on the bill.
Pirates (39-39)
Up Next · Mariners @ Pirates · Tue Jun 23, 6:40 PM
S&P 500 7,491.82 ▲ +1.6% · Dow 51,688.13 ▲ +1.9% · Nasdaq 26,353.29 ▲ +2.6% · WTI crude 77.00 ▼ -12.9% · EUR/USD 1.1527 ▼ -0.3% · GBP/USD 1.3311 ▼ -0.6% · USD/JPY 160.79 ▲ +0.3%