================================================================ INFOSECFOLLOW -- security, markets, business, pittsburgh Tuesday, June 23, 2026 - 12:06 PM EDT ================================================================ Researchers reconstructed FortiBleed's fully automated pipeline that scraped 110 million credentials, while OAuth tokens pilfered in the Klue breach surfaced inside LastPass. CONTENTS: Emerging Trends and Key Updates | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets EMERGING TRENDS AND KEY UPDATES ---------------------------------------------------------------- * [TREND] Stolen secrets cascade across vendors as a FortiBleed sniffer validates logins on FortiGate firewalls while OAuth tokens from the Klue breach unlock LastPass data in Salesforce. see: FortiBleed Attack Chain Fully Reconstructed; LastPass Confirmed in Klue Supply-Chain Breach * [TREND] Attackers turn on the AI layer itself, skewing deep-research agents with a few words in a Reddit comment and poisoning the memory assistants carry between sessions. see: Attackers Poison What AI Reads and Remembers * [TREND] Decades-old code keeps detonating, as Squidbleed traces a heap over-read to a 1997 FTP-parsing change still shipping in Squid's default proxy configuration. see: Squidbleed Leaks Cleartext Through 29-Year-Old Squid Bug * [UPDATE (new)] Fresh disclosures hit London Hydro, Xsolis exposing health data on 1.4 million people, and Tata Electronics, whose leak allegedly includes Apple and Tesla documents. see: Utility, Health, and Manufacturing Breaches Pile Up * [UPDATE (new)] A new Trump executive order requires federal agencies to migrate high-value assets to post-quantum cryptography by 2030 and high-impact systems by 2031. see: Trump Order Accelerates Post-Quantum Migration SECURITY ---------------------------------------------------------------- 1. FORTIBLEED ATTACK CHAIN FULLY RECONSTRUCTED Vulnerabilities and Exploits · [credential-theft, apt, exploit] Latest developments: Analysts at ZenoX and CloudSEK rebuilt the campaign's full automated pipeline from a server the operators left exposed, detailing how the custom sniffer harvests and validates authentication secrets on compromised firewalls. A Russian initial access broker runs custom Golang sniffers on compromised FortiGate firewalls, capturing more than 110 million credentials since February 2026 across 430,000 devices. Organizations running FortiGate should rotate credentials, hunt for the sniffer, and harden management interfaces. - Help Net Security: https://www.helpnetsecurity.com/2026/06/23/fortibleed-investigation-remediation/ - Dark Reading: https://www.darkreading.com/cyberattacks-data-breaches/fortibleed-attackers-firewalls-credentials-stealers - SecurityWeek: https://www.securityweek.com/russian-initial-access-broker-behind-fortibleed-campaign/ - BleepingComputer: https://www.bleepingcomputer.com/news/security/fortibleed-campaign-used-custom-fortigate-sniffer-to-steal-credentials/ 2. UTILITY, HEALTH, AND MANUFACTURING BREACHES PILE UP Data Breaches · [breach, healthcare, manufacturing] Latest developments: London Hydro, Xsolis, and Tata Electronics each disclosed intrusions today, with Xsolis exposing protected health data on 1.4 million people and Tata's leak including documents allegedly tied to Apple and Tesla. Ontario utility London Hydro lost customer names, addresses, and account information; healthcare analytics firm Xsolis exposed personal and protected health data on 1.4 million individuals; and India's Tata Electronics confirmed a cyberattack a crime group used to post confidential files. Affected customers should watch for phishing and identity fraud. - SecurityWeek: https://www.securityweek.com/canadian-electricity-provider-london-hydro-discloses-data-breach/ - SecurityWeek: https://www.securityweek.com/xsolis-data-breach-affects-1-4-million-individuals/ - The Record: https://therecord.media/tata-electronics-confirms-cyberattack 3. ATTACKERS POISON WHAT AI READS AND REMEMBERS AI Security · [ai, poisoning] Latest developments: A Cornell Tech study found that as few as 13 words in a Reddit comment can skew the cited reports of deep-research agents, and Microsoft published defenses for threat actors who poison the memory assistants carry between sessions. Attackers now target the AI layer itself, planting tiny snippets of user-generated text to manipulate search agents and corrupting persistent assistant memory. Teams deploying agentic AI should validate sources, constrain memory writes, and monitor for poisoned context. - Help Net Security: https://www.helpnetsecurity.com/2026/06/23/reddit-ai-search-poisoning-research/ - Microsoft Security Blog: https://www.microsoft.com/en-us/security/blog/2026/06/22/guarding-ai-memory/ 4. LASTPASS CONFIRMED IN KLUE SUPPLY-CHAIN BREACH Data Breaches · [breach, supply-chain, oauth] Latest developments: LastPass confirmed attackers reached its Salesforce environment and accessed customer data using OAuth tokens stolen in this month's Klue supply-chain attack, adding the password manager to the growing victim list. The Klue compromise stole OAuth tokens that bridged into customers' Salesforce tenants, and the cascade has now reached LastPass. Firms linked to Klue should revoke tokens, audit Salesforce access logs, and watch for follow-on extortion. - BleepingComputer: https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/ 5. TRUMP ORDER ACCELERATES POST-QUANTUM MIGRATION Policy and Regulation · [policy, cryptography] Latest developments: President Trump signed an executive order requiring federal agencies to move high-value assets to post-quantum cryptography by the end of 2030 and high-impact systems by the end of 2031. The order sets firm federal deadlines to adopt encryption resistant to future quantum computers capable of breaking today's algorithms. Agencies and their contractors must inventory cryptographic assets and plan the migration now. - SecurityWeek: https://www.securityweek.com/trump-signs-executive-order-accelerating-post-quantum-cryptography-migration/ 6. SQUIDBLEED LEAKS CLEARTEXT THROUGH 29-YEAR-OLD SQUID BUG Vulnerabilities and Exploits · [vulnerability, patch, proxy] Latest developments: Researchers at Calif.io disclosed Squidbleed, tracing a heap over-read to a 1997 FTP-parsing change that has lived in the Squid web proxy for 29 years and still ships in its default configuration. Squidbleed leaks another user's cleartext HTTP request—credentials and session tokens included—to anyone allowed to send traffic through the same Squid proxy. Administrators running Squid should patch immediately, since the flaw is live by default. - The Hacker News: https://thehackernews.com/2026/06/29-year-old-squid-proxy-bug-squidbleed.html BUSINESS AND POLITICS ---------------------------------------------------------------- * Tech Selloff Accelerates on Rate Fears Latest developments: The rout entered another session led by chipmakers, dropping the Nasdaq 2.2% as Nvidia fell on bets the Federal Reserve will raise rates and gold sank toward $4,000 an ounce, its lowest since November. A widening selloff in technology stocks, fueled by jitters over AI companies' heavy spending and looming Federal Reserve rate increases, pulled the Nasdaq lower and dragged Asian and European markets down, with SpaceX shares tumbling after their blockbuster market debut. - WSJ: https://www.wsj.com/finance/stock-futures-slide-as-technology-selloff-spreads-79833610?mod=rss_markets_main - FT: https://www.ft.com/content/10623865-5ff4-4357-9293-3c4ec841d1c4 - FT: https://www.ft.com/content/1b51e703-54d3-4d2a-924e-af0575b7f153 * U.S.-Iran Deal Nears as Trump Frees $6bn Latest developments: President Trump agreed to release $6 billion in frozen Iranian funds held in Qatar to buy US medical supplies and crops, Vice President JD Vance returned from talks reporting a successful foundation to fully reopen the Strait of Hormuz, and Iran's president flew to Pakistan to help finalize a permanent accord. Washington and Tehran are negotiating an end to their war, with the United States waiving sanctions on Iranian oil and clearing the Strait of Hormuz to reopen, moves that sent oil futures lower as more crude returns to the market. - FT: https://www.ft.com/content/cc04e61e-7f1c-42b5-8238-f3f90f230510 - FT: https://www.ft.com/content/13f4d592-0611-4199-847d-d2a4abc9eda7 - WSJ: https://www.wsj.com/finance/commodities-futures/oil-futures-rise-on-likely-technical-recovery-4d78de6f?mod=rss_markets_main PITTSBURGH ---------------------------------------------------------------- Weather: This Afternoon: Sunny, high 79F. Tonight: Mostly Clear, low 55F. Wednesday: Sunny, high 81F. Business: * Kraft Heinz Reorganizes Into Three Regions Latest developments: Kraft Heinz announced a reorganization into three global regions, the latest step in Chief Executive Cahillane's six-month revival that earlier paused the company's planned breakup. Kraft Heinz, the food conglomerate co-headquartered in Pittsburgh, is restructuring its operations into three global regions after shelving the corporate separation it had planned for this year. - WPXI: https://www.wpxi.com/news/local/kraft-heinz-reorganizes-into-three-global-regions/QC6X2R3PI5FJZF4KJZONOWVTIY/ * AGH Finishes $19 Million Cardiac Lab Latest developments: Allegheny General Hospital completed a $19 million expansion and renovation of its cardiac labs. The North Side hospital's project enlarges the Mario Lemieux Center for Heart Rhythm Care within Allegheny Health Network's Allegheny General, adding space for electrophysiology and heart-rhythm treatment. - WPXI: https://www.wpxi.com/news/local/allegheny-general-hospital-completes-19-million-cardiac-lab-expansion/QJLASWSQVZBKDHEBHOW2MRKUXI/ * Pittsburgh Gas Prices Edge Down Latest developments: Pittsburgh-area gas prices began falling this week, though slower than elsewhere in Pennsylvania and the country. GasBuddy petroleum analyst Patrick De Haan credits the United States-Iran agreement for easing prices, saying the local drop lags what drivers in other parts of the state are seeing. - KDKA: https://www.cbsnews.com/pittsburgh/news/pittsburgh-gas-prices-dropping-pennsylvania-iran-war/ Around town: * Turtle Creek Schoolhouse Becomes Apartments Latest developments: The Calvin Anderson Schoolhouse Apartments at St. Coleman opened Monday in Turtle Creek. Developers converted the historic St. Coleman school into 24 two-bedroom affordable apartments for young adults aging out of foster care, a new affordable-housing community in the Allegheny County borough. - WPXI: https://www.wpxi.com/news/local/former-school-turtle-creek-opens-apartments-young-adults-transitioning-out-foster-care/5LZI7X7QR5GA3PFOIBRCI4ID3M/ * Pennsylvania Election Board Sits Idle Latest developments: A Post-Gazette report found Pennsylvania's bipartisan election board languishing because Governor Josh Shapiro has not appointed new members. The vacancies leave the panel that helps oversee election administration unable to function as the state heads toward another election cycle. - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/politics-state/2026/06/23/pennsylvania-election-board-shapiro/stories/202606230002 * Trump Visits Mack Trucks Plant Latest developments: President Trump traveled Tuesday to a Mack Trucks facility in a Pennsylvania battleground district, his fifth visit to the state in his second term. The stop at the truck maker continues the administration's courtship of Pennsylvania industrial workers in a swing region. - WTAE: https://www.wtae.com/article/pennsylvania-president-donald-trump-mack-trucks/71669924 Events: * America250PA Concert at the Point Latest developments: Organizers set the America250PA concert for Saturday, June 27, and Point State Park downtown will close temporarily to stage it. Rapper Nelly and the band Third Eye Blind headline the free America250PA concert at Point State Park downtown on Saturday, June 27, under the theme "Celebrating Educators and Innovators," part of a statewide series of free shows. - Pittsburgh Magazine: https://www.pittsburghmagazine.com/things-to-do-this-weekend-in-pittsburgh/ - WPXI: https://www.wpxi.com/news/local/point-state-park-temporarily-close-america250pa-nelly-third-eye-blind-concert/MWL7HJCMFJHFRGFW6R62JGDPIU/ * Andy Warhol Bridge Turns 100 Latest developments: The Andy Warhol Bridge marks its 100th anniversary this weekend with a centennial celebration. The yellow span over the Allegheny River, linking downtown Pittsburgh to the North Shore, reaches its centennial, and the city is throwing a birthday bash to mark it. - KDKA: https://www.cbsnews.com/pittsburgh/video/this-iconic-pittsburgh-bridge-is-turning-triple-digits-this-weekend/ * Pittsburgh Symphony's Summer Movie Music Latest developments: The Pittsburgh Symphony Orchestra laid out a summer series built around film scores. The orchestra is devoting its summer programming to movie music, performing scores from the screen for Pittsburgh audiences. - Pittsburgh Post-Gazette: https://www.post-gazette.com/ae/music/2026/06/22/pso-movie-music-pittsburgh-symphony-orchestra/stories/202606170061 SPORTS ---------------------------------------------------------------- Pirates (39-39) Up Next · Mariners @ Pirates · Tue Jun 23, 6:40 PM https://plaintextsports.com/mlb/2026-06-23/sea-pit Around the Teams: * DK Metcalf's Year-Two Upside Latest developments: A June 22 Post-Gazette podcast weighed how much more DK Metcalf can give the Steelers in his second season with the team. The discussion gauged the ceiling for receiver DK Metcalf as he enters a full second year in Pittsburgh's offense. - Post-Gazette Steelers: https://www.post-gazette.com/sports/steelers/2026/06/22/nfl-news-rumors-podcast-dk-metcalf/stories/202606220030 * Wietgrefe's Scoreless Streak in Altoona Latest developments: The Post-Gazette's MiLB Monday highlighted Pirates prospect Connor Wietgrefe's scoreless streak at Double-A Altoona. The pitcher is turning heads in the Pirates' minor-league system with a run of scoreless outings for the Altoona Curve. - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/22/milb-prospects-wietgrefe-murf-gray-stafura-brazoban-hernandez/stories/202606210084 Team USA: * USMNT Weighs Rotation for Türkiye Finale Latest developments: Having clinched a knockout spot by topping Group D, the United States men's national team debates whether to rotate its lineup for Thursday's group finale against Türkiye, with Christian Pulisic back in full training. Coach Mauricio Pochettino's side, riding good vibes as World Cup co-host, must decide between resting starters and keeping its winning eleven, while Pulisic has recovered from the left calf injury that sidelined him since June 11. - ESPN: https://www.espn.com/soccer/story/_/id/49140112/usmnt-faces-world-cup-dilemma-vs-turkiye-rotate-squad-keep-same-xi - ESPN: https://www.espn.com/soccer/story/_/id/49145667/usmnt-riding-good-vibes-christian-pulisic-back-training READING ---------------------------------------------------------------- * Ed Zitron -- Cargo Culture Zitron argues the tech and AI industry mimics the outward rituals and forms of past success while lacking the underlying substance that produced it. https://www.wheresyoured.at/cargo-culture/ * Stratechery -- Memory Chips and China, Microsoft and Chinese Models Thompson contends the big three memory makers may regret opening the door to Chinese rivals, and that Microsoft is strongly incentivized to adopt Chinese AI models. https://stratechery.com/2026/memory-chips-and-china-microsoft-and-chinese-models/ * Cal Newport -- Dear AI Companies: Stop the "Doom Trolling" Newport argues that AI firms marketing their own products through existential alarm makes no more sense than a carmaker warning its bestselling truck is dangerous, and urges them to drop the doom messaging. https://calnewport.com/dear-ai-companies-stop-the-doom-trolling/ MARKETS (weekly average, change vs prior week) ---------------------------------------------------------------- S&P 500 7,491.82 ▲ +1.6% Dow 51,688.13 ▲ +1.9% Nasdaq 26,353.29 ▲ +2.6% WTI crude 77.00 ▼ -12.9% EUR/USD 1.1527 ▼ -0.3% GBP/USD 1.3311 ▼ -0.6% USD/JPY 160.79 ▲ +0.3% ================================================================ Generated 2026-06-23 12:06 EDT. Sources: 24 security feeds; 9 Pittsburgh feeds; 4 Pittsburgh arts and events feeds; 6 Pittsburgh sports beat and podcast feeds; 4 Team USA feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport. Markets from Yahoo Finance, weather from the NWS, scores from ESPN. Summaries are AI-generated from the linked reporting; verify at the sources. ================================================================