daily plain-text briefing: security, markets, business, and pittsburgh
Attackers keep punching through network-edge hardware as Cisco SD-WAN, Lantronix, and Ubiquiti flaws all see active exploitation, while new macOS malware learns to blind the AI tools meant to catch it.
Latest developments: Mandiant published the full attack mechanics, showing an unknown actor abused rogue peering to connect to victim Cisco Catalyst SD-WAN devices and forge root-level accounts, and SecurityWeek counted CVE-2026-20245 as the seventh Cisco SD-WAN flaw exploited in 2026.
CVE-2026-20245, a high-severity command-injection flaw in Cisco Catalyst SD-WAN, lets a local authenticated attacker run commands with elevated privileges; the actor exploited it as a zero-day at least two months before disclosure. Cisco has patched it, and operators should update and hunt for rogue root accounts.
Sources: SecurityWeek · The Hacker News · BleepingComputer · Dark Reading · ↑ top
Latest developments: SecurityWeek confirmed attackers are now exploiting CVE-2025-67038 in the wild, one of the BRIDGE:BREAK serial-device flaws disclosed in April, days after CISA ordered federal agencies to patch the Lantronix bug by June 26, 2026.
CVE-2025-67038, a CVSS 9.8 code-injection flaw in Lantronix EDS5000 serial-to-ethernet servers, sits alongside actively exploited Ubiquiti UniFi OS bugs that CISA added to its known-exploited catalog. Operators of internet-facing serial converters and UniFi gear should apply fixes immediately.
Sources: SecurityWeek · The Hacker News · BleepingComputer · ↑ top
Latest developments: The curl project fixed a flaw that had lurked for 25 years in a release of 18 medium- and low-severity bugs, while Chrome 149 closed 18 vulnerabilities—more than half use-after-free defects—and GitLab patched 13 issues including three high-severity code-execution and information-disclosure bugs.
A heavy patch day landed across widely deployed software, with curl, Google Chrome, and GitLab all shipping fixes. Administrators should update promptly, prioritizing the Chrome use-after-free bugs that can lead to remote code execution.
Sources: SecurityWeek · SecurityWeek · SecurityWeek · ↑ top
Latest developments: Researchers named Gaslight, a previously undocumented Rust-based macOS implant and information stealer that embeds a prompt-injection payload to trick an analyst's AI tools into aborting or refusing examination of the sample.
Gaslight steals data while hiding from automated analysis; its prompt-injection trick extends a wider pattern that Schneier and SecurityWeek both flag, where attackers poison the trusted data that autonomous AI agents read. Teams should treat AI-assisted triage output as fallible and verify findings by hand.
Sources: The Hacker News · Schneier on Security · SecurityWeek · ↑ top
Latest developments: Cal Water and Mandiant found no evidence that the Iranian group Handala touched operational technology, despite the attackers' claim they could disrupt the California utility's water supply.
Handala, an Iran-linked hacktivist crew, claimed it breached Cal Water and could interrupt supply; the utility called in Mandiant, which found the intrusion never reached water-treatment controls. The case underscores how hacktivists inflate access claims against critical infrastructure.
Sources: SecurityWeek · ↑ top
Latest developments: Researchers found Russia kept using Cellebrite's phone-extraction tool to crack a dissident's device soon after the firm said in March 2021 it would stop working with the country, suggesting Cellebrite cannot pull its technology back from authoritarian customers.
Cellebrite, the digital-forensics vendor, announced in March 2021 it would cut off Russia; the continued use of its product against a Russian dissident shows the company struggles to enforce that withdrawal. The case renews scrutiny of surveillance-tool export controls.
Sources: The Record · ↑ top
Latest developments: The Japanese yen sank to its weakest against the dollar since July 2024 and U.S. two-year Treasury yields climbed as traders shifted from pricing Federal Reserve cuts to betting the Fed's next move is a hike.
Bets on a Federal Reserve rate increase ahead of Friday's PCE inflation reading lifted Treasury yields and drove the yen to multiyear lows, prompting Japanese officials to signal willingness to intervene, while European Central Bank board member Isabel Schnabel said the ECB will need to raise rates further to reach its 2% target.
Sources: WSJ Markets · WSJ Markets · WSJ World News · ↑ top
Today: Partly Sunny then Chance Showers And Thunderstorms, high 84F.
Tonight: Showers And Thunderstorms Likely, low 63F.
Friday: Mostly Cloudy then Slight Chance Showers And Thunderstorms, high 82F.
Latest developments: Tenaris announced more than $90 million to upgrade its steel shop in Koppel and seamless-pipe facility in Ambridge.
Tenaris, the global steel-pipe maker, will spend more than $90 million modernizing its Koppel steel shop and Ambridge seamless-pipe plant in Beaver County.
Latest developments: Spirit Airlines' signage is down, its reservation counter empty, and unbranded kiosks sit offline at Arnold Palmer Regional Airport after the carrier's grounding.
Arnold Palmer Regional Airport near Latrobe in Westmoreland County is struggling to stay viable after Spirit Airlines, its main commercial carrier, halted service, leaving the terminal without a branded operator.
Latest developments: Blackthorne Golf Club reopened to the public after a three-and-a-half-year closure tied to community and legal disputes.
Blackthorne Golf Club, a course embedded in a residential development in Penn Township, Westmoreland County, reopened after a 3½-year shutdown amid multiple community and legal disputes.
Latest developments: KDKA-TV revealed it is gutting its Gateway Center studio to install augmented- and virtual-reality technology, with a launch planned later this year.
KDKA-TV, the CBS station in downtown Pittsburgh, is rebuilding its Gateway Center news studio with green-screen walls and immersive augmented- and virtual-reality graphics for weather and news, joining a wave of CBS stations adopting the technology.
Latest developments: Jeannette manager Ethan Keedy warned the city's roughly $28,000 in annual skill-game tax revenue could dry up after this month's Pennsylvania Supreme Court ruling.
A Pennsylvania Supreme Court ruling this month on skill games threatens local levies on the machines, including in Jeannette, the Westmoreland County city that collected about $28,000 last year taxing them.
Latest developments: The Digital Foundry in New Kensington is offering free summer STEM camps to area students in technology, engineering, and advanced manufacturing.
The Digital Foundry, a technology and advanced-manufacturing center in New Kensington, Westmoreland County, is running free summer camps for local students focused on technology, engineering, and manufacturing.
Latest developments: The weekend adds Pittsburgh rapper Frzy opening a concert at Point State Park alongside the Andy Warhol Bridge's 100th Birthday Bash and OpenStreetsPGH.
Pittsburgh celebrates the Andy Warhol Bridge's 100th birthday this weekend, June 26-28, with a bash on the span paired with the OpenStreetsPGH car-free streets event and a Point State Park concert opened by Pittsburgh rapper Frzy.
Sources: NEXTpittsburgh Events · Pittsburgh Post-Gazette · ↑ top
Latest developments: The Pittsburgh CLO opened its 80th summer season this week with 'Beautiful: The Carole King Musical' at the Benedum Center.
The Pittsburgh CLO launched its 80th summer season with 'Beautiful: The Carole King Musical,' the jukebox biography of songwriter Carole King, at the Benedum Center downtown.
Pirates (40-40)
Wed Jun 24 · Mariners 1 · Pirates 11 · Final
Ashcraft, Rodriguez, O'Hearn help Pirates rout AL West-leading Mariners 11-1
Up Next · Mariners @ Pirates · Thu Jun 25, 12:35 PM
Latest developments: The Post-Gazette examined whether Marcell Ozuna, after a rough start in Pittsburgh, is finally heating up at the plate.
Pirates slugger Marcell Ozuna, who struggled badly early in the season, may be rounding into form, the Post-Gazette reported, as manager Don Kelly sorts a lineup that also leans on Ryan O'Hearn and Oneil Cruz.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: The United States meets Türkiye on Thursday, June 25, in its Group D finale, with Mauricio Pochettino confirming he will sit his four yellow-carded players to keep them eligible for the round of 32 on July 1.
Having already clinched a World Cup knockout spot atop Group D, the U.S. men's national team faces Türkiye in its group finale, and manager Mauricio Pochettino plans a rotated lineup to protect yellow-carded starters for the July 1 round of 32.
Sources: ESPN Soccer · ESPN Soccer · ↑ top
Latest developments: The Guardian traced how Mauricio Pochettino's early failures, including a 2025 Gold Cup final loss to Mexico, forged the U.S. team now thriving as a World Cup co-host.
A Guardian profile chronicled Mauricio Pochettino's rocky start as U.S. men's coach, from a tearful 2025 Gold Cup final defeat to Mexico through other setbacks that shaped the side now charming fans at the home World Cup.
Sources: Guardian World Cup 2026 · ↑ top
S&P 500 7,423.43 ▼ -0.1% Dow 51,657.14 ▲ +1.0% Nasdaq 25,953.97 ▼ -0.1% WTI crude 74.35 ▼ -11.4% EUR/USD 1.1447 ▼ -1.2% GBP/USD 1.3232 ▼ -1.4% USD/JPY 161.30 ▲ +0.7%