================================================================
INFOSECFOLLOW -- security, markets, business, pittsburgh
Tuesday, June 23, 2026 - 9:05 AM EDT
================================================================

A Russian access broker's FortiBleed campaign has turned hundreds of thousands of FortiGate firewalls into credential sniffers that harvested 110 million logins, leading a day defined by attacks on trusted systems.

CONTENTS: Emerging Trends and Key Updates | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets

EMERGING TRENDS AND KEY UPDATES
----------------------------------------------------------------
* [TREND] Attackers weaponized infrastructure as the FortiBleed campaign turned FortiGate firewalls into sniffers harvesting 110 million credentials while Unit 42 detailed a universal cloud bucket hijacking technique.
  see: FortiBleed Campaign Harvests 110 Million Credentials; Universal Cloud Bucket Hijacking Technique
* [TREND] Anthropic's Fable 5 fell to a jailbreak within days even as critics fault AI firms for doom trolling their own products' dangers.
  see: Anthropic's Fable 5 Jailbroken Within Days; Dear AI Companies: Stop the "Doom Trolling"
* [UPDATE (new)] A hacker hijacked Brazil's Civil Defense Alert system, blasting a dozen false warnings to millions of phones over the weekend.
  see: Hacker Hijacks Brazil's Emergency Alert System
* [UPDATE (new)] Police struck cybercrime as Scattered Spider members pleaded guilty over the £29 million Transport for London attack and a marketplace operator was extradited.
  see: Law Enforcement Strikes Scattered Spider and Marketplace Operators
* [UPDATE (new)] An eight-year-old use-after-free flaw in Samsung's KNOX framework exposed Galaxy phones from the S9 through S25 to kernel-level attacks.
  see: Eight-Year-Old Samsung KNOX Flaw Exposes Galaxy Devices
* [TREND] Local workforce pivots as Westmoreland CTC adds equipment for data-center jobs while Live Casino Pittsburgh schools new dealers for its floor.
  see: Westmoreland CTC Trains for Data-Center Jobs; Live Casino Pittsburgh Schools New Dealers

SECURITY
----------------------------------------------------------------
1. FORTIBLEED CAMPAIGN HARVESTS 110 MILLION CREDENTIALS
   Vulnerabilities and Exploits · [credential-theft, exploit]
   Latest developments: SOCRadar, Dark Reading, and SecurityWeek tied the operation to a Russian initial access broker whose Golang-based sniffer has targeted 430,000 FortiGate firewalls and identified 110 million credentials since February 2026, far beyond the roughly 86,000 figure reported earlier.
   FortiBleed plants custom sniffers on compromised Fortinet FortiGate firewalls to siphon authentication secrets from organizations worldwide. Operators should rotate credentials and harden internet-facing devices.
   - Dark Reading: https://www.darkreading.com/cyberattacks-data-breaches/fortibleed-attackers-firewalls-credentials-stealers
   - SecurityWeek: https://www.securityweek.com/russian-initial-access-broker-behind-fortibleed-campaign/
   - BleepingComputer: https://www.bleepingcomputer.com/news/security/fortibleed-campaign-used-custom-fortigate-sniffer-to-steal-credentials/

2. HACKER HIJACKS BRAZIL'S EMERGENCY ALERT SYSTEM
   Critical Infrastructure Security · [incident, critical-infrastructure]
   Latest developments: A hacker breached Brazil's Civil Defense Alert system early Saturday and pushed at least a dozen unauthorized warnings, including a message preaching misanthropy, to millions of phones.
   Brazil's Civil Defense Alert platform exists to warn residents of floods, landslides, and other imminent threats. The false alerts erode public trust in a system that works only because people believe it.
   - The Record: https://therecord.media/suspected-cyberattack-triggers-false-emergency-alerts-brazil
   - Graham Cluley: https://www.bitdefender.com/en-us/blog/hotforsecurity/hacker-hijacks-brazils-national-alert-system

3. LAW ENFORCEMENT STRIKES SCATTERED SPIDER AND MARKETPLACE OPERATORS
   Ransomware and Cybercrime · [arrest, cybercrime]
   Latest developments: Scattered Spider members Thalha Jubair, 20, of London and Owen Flowers, 18, of Walsall pleaded guilty to Computer Misuse Act offences over the 2024 Transport for London attack that cost £29 million, and U.S. prosecutors extradited 26-year-old Algerian Abdellah Belmili for running the Market0Day and Spoxy cybercrime marketplaces.
   Scattered Spider is the English-speaking extortion crew tied to major 2024 intrusions. Jubair and Flowers face sentencing on July 16, while Belmili faces up to 30 years for the two marketplaces.
   - Help Net Security: https://www.helpnetsecurity.com/2026/06/23/transport-london-cyberattack-scattered-spider-members-plead-guilty/
   - SecurityWeek: https://www.securityweek.com/algerian-man-extradited-to-us-for-running-cybercrime-marketplaces/

4. EIGHT-YEAR-OLD SAMSUNG KNOX FLAW EXPOSES GALAXY DEVICES
   Vulnerabilities and Exploits · [vulnerability, android]
   Latest developments: SecurityWeek detailed a high-severity use-after-free flaw that sat in Samsung's KNOX security framework for eight years, exposing Galaxy phones from the S9 through the S25 to kernel-level attacks.
   The bug lived in Samsung's core Android security framework, putting millions of Galaxy devices at risk of kernel compromise. Users should apply Samsung's security update.
   - SecurityWeek: https://www.securityweek.com/eight-year-old-samsung-knox-flaw-exposed-millions-of-galaxy-devices-to-kernel-attacks/

5. ANTHROPIC'S FABLE 5 JAILBROKEN WITHIN DAYS
   AI Security · [ai, jailbreak]
   Latest developments: Bruce Schneier reported that researchers bypassed the guardrails on Anthropic's Fable 5, the safety-tuned version of its Mythos Preview, within days of release, restoring the model's ability to help build cyberattacks.
   Anthropic shipped Fable 5 as the constrained, export-friendly sibling of Mythos with controls against offensive use. The fast jailbreak shows such guardrails buy defenders little time.
   - Schneier on Security: https://www.schneier.com/blog/archives/2026/06/anthropics-fable-5-model-jailbroken-within-days.html

6. UNIVERSAL CLOUD BUCKET HIJACKING TECHNIQUE
   Vulnerabilities and Exploits · [cloud, research]
   Latest developments: Palo Alto Networks' Unit 42 published a universal bucket-hijacking technique that abuses the global uniqueness of storage names to redirect cloud data streams across the major providers.
   Because storage bucket names are globally unique, an attacker who claims an abandoned name can intercept data meant for the original owner across major cloud providers. Teams should retire bucket references with care.
   - Unit 42 (Palo Alto): https://unit42.paloaltonetworks.com/cloud-bucket-hijacking-risks/

BUSINESS AND POLITICS
----------------------------------------------------------------
* Tech Selloff Deepens, Dollar Hits One-Year High
  Latest developments: The rout ran into a second day as the dollar climbed to a fresh one-year high on bets the Federal Reserve will raise rates, gold slid below $4,200 an ounce, and SpaceX extended its plunge.
  Big technology shares led a global equity selloff, with SpaceX down more than 16% from its blockbuster debut and Nasdaq futures sliding, as rising U.S. bond yields and expectations of rate increases under Federal Reserve chair Kevin Warsh pushed the dollar to a one-year high against major currencies and dragged Asian and European markets lower.
  - FT World: https://www.ft.com/content/10623865-5ff4-4357-9293-3c4ec841d1c4
  - WSJ Markets: https://www.wsj.com/livecoverage/stock-market-today-dow-sp-500-nasdaq-06-23-2026?mod=rss_markets_main
  - WSJ Markets: https://www.wsj.com/finance/currencies/yen-consolidates-risk-of-fx-intervention-rising-098be64c?mod=rss_markets_main

PITTSBURGH
----------------------------------------------------------------
Weather: Today: Mostly Sunny, high 79F. Tonight: Mostly Clear, low 55F. Wednesday: Sunny, high 81F.

Business:
* Dean's Diner in Blairsville Goes Dark
  Latest developments: The Post-Gazette reports the region's last independently owned 24-hour diner has gone, sending all-night customers across the state line to Ohio.
  Dean's Diner, the longtime independently owned around-the-clock restaurant in Blairsville, Indiana County, has ended its 24-hour service, leaving Western Pennsylvania without an independently owned all-night diner.
  - Pittsburgh Post-Gazette: https://www.post-gazette.com/life/dining/2026/06/23/deans-diner-blairsville-pa/stories/202606220033

* Westmoreland CTC Trains for Data-Center Jobs
  Latest developments: Northern Westmoreland Career and Technology Center in New Kensington is adding new equipment to train students for the data-center industry it expects to boom locally.
  Northern Westmoreland Career and Technology Center in New Kensington is bringing in new equipment to prepare students for construction and operations jobs at the data centers projected to spread across the region.
  - TribLive: https://triblive.com/local/valley-news-dispatch/northern-westmoreland-ctc-bringing-in-new-equipment-aimed-at-data-center-jobs/

* Live Casino Pittsburgh Schools New Dealers
  Latest developments: Live Casino Pittsburgh is running table-games schools to train dealers for its gambling floor, with recruits like Elijah McBride learning to stack chips and run cards.
  Live Casino Pittsburgh is holding table-games schools where trainees learn to deal blackjack and other games, building a pipeline of dealers for the casino floor.
  - TribLive: https://triblive.com/local/westmoreland/trainees-learn-to-enjoy-the-moment-at-table-games-schools/

Around town:
* Hempfield Area Weighs Budget With Tax Increase
  Latest developments: The Hempfield Area School Board scheduled a vote next week on a $118.7 million budget carrying a 4.2% tax increase.
  The Hempfield Area School Board in Westmoreland County votes next week on a $118.7 million spending plan for 2026-27 that would raise the average property-tax bill about $90 through a 4.2% increase.
  - TribLive: https://triblive.com/local/westmoreland/hempfield-area-to-vote-next-week-on-118-7m-budget-with-4-2-tax-hike/

* Penn State Trustees' Closed Sessions Questioned
  Latest developments: A Post-Gazette review found some closed-door conferences of Penn State's board of trustees may run afoul of Pennsylvania's open-meetings law.
  Some private conferences held by Penn State University's board of trustees potentially violate Pennsylvania's Sunshine Act, which requires public bodies to deliberate in the open, the Post-Gazette reported.
  - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/education/2026/06/23/penn-state-trustees-sunshine-act/stories/202606230003

* NWS to Survey Possible Fayette County Tornado
  Latest developments: The National Weather Service scheduled a Tuesday survey to confirm whether Monday's storms spun up a tornado in Fayette County.
  The National Weather Service will send a team to Fayette County to determine whether a tornado touched down Monday, when storms felled trees and flooded roads across the area.
  - TribLive: https://triblive.com/local/regional/nws-to-investigate-possible-fayette-county-tornado/

Events:
* America250PA Concert at Point State Park
  Latest developments: Point State Park downtown will close temporarily to stage the weekend America250PA concert headlined by rapper Nelly and the band Third Eye Blind.
  Point State Park in downtown Pittsburgh closes this weekend to host the America250PA concert, with Nelly and Third Eye Blind on the bill.
  - WPXI: https://www.wpxi.com/news/local/point-state-park-temporarily-close-america250pa-nelly-third-eye-blind-concert/MWL7HJCMFJHFRGFW6R62JGDPIU/

SPORTS
----------------------------------------------------------------
Pirates (39-39)
Up Next · Mariners @ Pirates · Tue Jun 23, 6:40 PM
https://plaintextsports.com/mlb/2026-06-23/sea-pit

READING
----------------------------------------------------------------
* Stratechery -- Memory Chips and China, Microsoft and Chinese Models
  Argues the three big memory makers may come to regret opening the door to Chinese memory rivals, while Microsoft has strong incentives to lean on Chinese AI models.
  https://stratechery.com/2026/memory-chips-and-china-microsoft-and-chinese-models/

* Cal Newport -- Dear AI Companies: Stop the "Doom Trolling"
  Newport faults AI companies for publicly fretting that their own products are dangerous, likening it to Ford issuing an alarming whitepaper worrying about the F-150.
  https://calnewport.com/dear-ai-companies-stop-the-doom-trolling/

* Ed Zitron -- Premium: The Silicon Valley Bubble (Part 2)
  Zitron extends his argument that Silicon Valley sits in a bubble, building on his reporting that OpenAI spent $34 billion to generate $13.07 billion in revenue.
  https://www.wheresyoured.at/premium-the-silicon-valley-bubble-part-2/

MARKETS (weekly average, change vs prior week)
----------------------------------------------------------------
S&P 500      7,491.82   ▲ +1.6%
Dow         51,688.13   ▲ +1.9%
Nasdaq      26,353.29   ▲ +2.6%
WTI crude       77.00   ▼ -12.9%
EUR/USD        1.1527   ▼ -0.3%
GBP/USD        1.3311   ▼ -0.6%
USD/JPY        160.79   ▲ +0.3%

================================================================
Generated 2026-06-23 09:05 EDT. Sources: 24 security feeds; 9 Pittsburgh feeds; 4 Pittsburgh arts and events feeds; 6 Pittsburgh sports beat and podcast feeds; 4 Team USA feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport. Markets from Yahoo Finance, weather from the NWS, scores from ESPN. Summaries are AI-generated from the linked reporting; verify at the sources.
================================================================