daily plain-text briefing: security, markets, business, and pittsburgh
A White House order put federal encryption on a hard deadline to outrun quantum computers, even as the Klue supply-chain breach spread to LastPass and the FortiBleed campaign's 110-million-credential haul came into full view.
Latest developments: President Trump signed executive order EO 14409 on June 22, 2026, drastically shortening the timeline and setting firm deadlines for federal post-quantum migration.
Post-quantum cryptography replaces encryption that future quantum computers could break. The order requires U.S. agencies to move key establishment to PQC by December 31, 2030, and digital signatures by December 31, 2031, and it leaves national security systems on a separate track.
Sources: Ars Technica Security · The Record · The Hacker News · SecurityWeek · ↑ top
Latest developments: ZenoX and CloudSEK reconstructed the campaign's fully automated attack pipeline from a server the operators left exposed, confirming a Russian-speaking access broker harvested 110 million credentials across 430,000 FortiGate firewalls since February 2026.
FortiBleed installs a custom Golang sniffer on compromised FortiGate firewalls to capture authentication credentials at scale. Organizations running internet-facing FortiGate devices should rotate credentials, hunt for the sniffer, and lock down management interfaces.
Sources: Help Net Security · The Hacker News · Dark Reading · SecurityWeek · ↑ top
Latest developments: BleepingComputer reported attackers now exploit CVE-2026-20230, a high-severity server-side request forgery flaw in Cisco Unified Communications Manager, the same day CISA issued seven industrial advisories spanning Siemens SINEC INS, SIPROTEC 5, and WinCC, plus ABB Freelance, Hubbell Aclara, and B&R products.
The Cisco flaw lets attackers coerce the call-control server into making unauthorized internal requests, and the CISA advisories cover OS command injection, weak key protection, and Linux kernel privilege escalation in operational-technology gear. Operators should patch Cisco Unified CM and apply the vendor fixes and countermeasures named in each advisory.
Sources: BleepingComputer · CISA Advisories · CISA Advisories · ↑ top
Latest developments: Healthtech firm Xsolis disclosed a phishing breach exposing sensitive data on nearly 1.4 million people, Tata Electronics confirmed a cyberattack as hackers leaked stolen files, and Canada's London Hydro disclosed theft of customer names, addresses, phone numbers, and account information.
Three breaches across health technology, electronics manufacturing, and electric utilities exposed personal and account data this week. Affected customers should watch for phishing and fraud and rotate any credentials tied to the compromised accounts.
Sources: BleepingComputer · BleepingComputer · SecurityWeek · ↑ top
Latest developments: Palo Alto Networks' Unit 42 dissected ClawHub, OpenClaw's skill marketplace, finding evasive malicious skills that slip past automated scanners to deploy infostealers and run agentic financial fraud, while a Cornell Tech study showed a 13-word Reddit comment can poison AI deep-research agents.
AI agent skill marketplaces let attackers distribute code that scanners mark safe; security firm AIR's harmless test skill reached 26,000 agents, including corporate accounts. Organizations should treat agent skills as untrusted supply-chain dependencies and restrict what each one can access.
Sources: Unit 42 (Palo Alto) · The Hacker News · Help Net Security · ↑ top
Latest developments: LastPass confirmed attackers used OAuth tokens stolen in the Klue supply-chain breach to take customer data from its Salesforce environment, while the extortion group Icarus began publishing stolen data as the victim list grew.
Attackers breached sales-intelligence vendor Klue, stole OAuth tokens linking to customers' Salesforce instances, and pivoted into connected environments. Affected Salesforce customers should revoke Klue tokens and audit every record reached through the integration.
Sources: BleepingComputer · Dark Reading · ↑ top
Latest developments: A second straight day of declines hammered chipmakers Tuesday, with Nvidia among the names under pressure as the Nasdaq slid on fears the AI boom cannot sustain its spending.
Investors dumped technology shares over stretched valuations, heavy AI capital spending, and the prospect of Federal Reserve rate increases, extending a rout that began Monday and rattling the megacap stocks that drove the market's record run.
Sources: WSJ Markets · FT World · ↑ top
Latest developments: Insurer Allianz called the strait's closure 'unprecedented' Tuesday, counting almost 1,200 cargo ships stranded with $125 billion of goods aboard.
The blockade of the Strait of Hormuz, the chokepoint for roughly a fifth of the world's oil, has halted nearly 1,200 vessels and raised alarm over global maritime trade while the U.S.-Iran accord remains unsettled.
Latest developments: Four Republicans joined Democrats Tuesday to pass a war-powers resolution directing President Trump to halt military operations against Iran absent congressional authorization, a week after he signed a framework with Tehran.
The Senate's largely symbolic rebuke signals Republican disquiet over Trump's handling of the Iran conflict and the interim deal that freed Iranian oil sales and unfroze billions in funds.
Sources: WSJ Politics · FT World · ↑ top
Tonight: Clear, low 55F.
Wednesday: Sunny, high 81F.
Wednesday Night: Partly Cloudy, low 59F.
Latest developments: The NHL approved Fenway Sports Group's sale of the Penguins to the Hoffmann family Tuesday, ending FSG's ownership as Commissioner Gary Bettman praised the buyers' 'great track record.'
Fenway Sports Group, which bought the Pittsburgh Penguins in 2021, handed the franchise to the Hoffmann family; Mario Lemieux retains a stake, and Bettman vouched for the incoming owners.
Sources: Pittsburgh Post-Gazette · Pittsburgh Post-Gazette · ↑ top
Latest developments: The Southwestern Pennsylvania Commission approved $4.7 billion in transportation projects spanning the next four years.
The 10-county Southwestern Pennsylvania Commission, the region's metropolitan planning organization, set its four-year spending plan for roads, bridges, and transit across the Pittsburgh area.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: City Councilman Anthony Coghill floated taxing skill games inside Pittsburgh, hoping to grandfather the city in before Harrisburg acts, after the Pennsylvania Supreme Court cleared the way.
Coghill says a municipal tax on the slot-like machines could bring millions into Pittsburgh's strained budget, following the state Supreme Court ruling that classified skill games under gaming law.
Latest developments: The Chartiers Valley School Board voted to hand student transportation to a private provider and furlough more than a dozen district transportation employees.
The board's decision, opposed by the Pennsylvania State Education Association over job and student-safety concerns, shifts busing for the suburban district southwest of Pittsburgh to an outside company.
Latest developments: Allegheny County Council advanced ballot questions letting voters decide in November whether to repeal long-standing limits on the council's budget and access to county-funded benefits.
The referendums would let the 15-member council expand its own spending and benefits, a move county officials warn against amid budget constraints.
Sources: TribLive · Pittsburgh Post-Gazette · ↑ top
Latest developments: Pittsburgh Regional Transit will shut part of Washington Place in Uptown for four days for University Line bus-route construction.
The closure of a key approach to PPG Paints Arena supports PRT's University Line bus rapid transit project linking Downtown and Oakland.
Latest developments: The Pittsburgh Symphony Orchestra laid out a summer concert series built around film scores.
The Pittsburgh Symphony Orchestra is devoting its summer programming to movie music, performing scores drawn from popular films.
Sources: Post-Gazette Arts & Entertainment · ↑ top
Pirates (39-39)
Tue Jun 23 · Mariners 3 · Pirates 2 · Bot 8th (in progress at last update)
Up Next · Mariners @ Pirates · Wed Jun 24, 6:40 PM
Latest developments: Tests came back negative for Jared Jones after a line drive struck his surgically repaired pitching elbow, and prospect Konnor Griffin will begin a rehab assignment, the Post-Gazette reported Tuesday.
Jones, the Pirates starter hit on the right elbow Sunday in Colorado, avoided structural damage, while top prospect Konnor Griffin moves closer to a return; the update also touched O'Neil Cruz.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: A Post-Gazette podcast assessed how much upside receiver DK Metcalf carries into his second season with the Steelers.
Post-Gazette writers gauged whether Metcalf, whom Pittsburgh acquired ahead of 2025, can post bigger numbers catching passes from quarterback Aaron Rodgers in 2026.
Sources: Post-Gazette Steelers · ↑ top
Latest developments: On the newest Footbahlin, Ben Roethlisberger congratulated tight end Pat Freiermuth on getting married amid a quiet Steelers offseason.
The Channel Seven podcast, hosted by former Steelers quarterback Ben Roethlisberger, filled the news-light stretch with stories and a beer segment, leading off with Freiermuth's marriage.
Sources: Ben Roethlisberger / Channel Seven (YouTube) · ↑ top
Latest developments: Having clinched a World Cup knockout spot by topping Group D, the U.S. men face the choice of resting starters or keeping the same XI in Thursday's group finale against Türkiye.
Mauricio Pochettino's United States, co-host of the 2026 World Cup, already reached the round of 32, turning the dead-rubber against Türkiye into a question of squad rotation versus match rhythm.
Sources: ESPN Soccer · ↑ top
Latest developments: Tyler Adams said he still wants to play Thursday against Türkiye even though a yellow card would suspend him for the United States' already-clinched round-of-32 match.
The U.S. captain and midfield anchor weighed the booking risk against sitting out the group finale, leaning toward playing.
Sources: ESPN Soccer · ↑ top
Latest developments: Kevin Durant will help coach a 3x3 tournament this summer benefiting various charities, USA Basketball announced.
Durant, the all-time leading scorer in Olympic basketball and a four-time gold medalist, joins other USA Basketball figures turning to coaching for the charitable event.
Sources: ESPN Olympics · ↑ top
S&P 500 7,454.06 ▲ +0.6% Dow 51,687.29 ▲ +1.5% Nasdaq 26,133.91 ▲ +1.1% WTI crude 77.00 ▼ -12.9% EUR/USD 1.1493 ▼ -0.7% GBP/USD 1.3277 ▼ -0.9% USD/JPY 161.06 ▲ +0.5%