daily plain-text briefing: security, markets, business, and pittsburgh
Freshly exposed backdoors—from a Southeast Asian espionage toolkit to a ransomware-feeding access broker—dominated the day as police across Europe and Asia dismantled SIM-swap and piracy operations.
Latest developments: Unit 42 detailed CL-STA-1062, a hybrid toolkit built around the custom TinyRCT backdoor that struck Southeast Asian governments and critical infrastructure; Microsoft Threat Intelligence found a photo-themed ZIP campaign planting a persistent Node.js implant in European and Asian hospitality firms; and Dark Reading reported that Russia's FSB-run Gamaredon improved its malware loading and server hiding.
Three espionage operations surfaced at once, each pairing custom implants with stealth tradecraft. Defenders facing CL-STA-1062, the hospitality Node.js implant, or Gamaredon should hunt for unusual loaders, fake image shortcut files, and beaconing to concealed infrastructure.
Sources: Unit 42 (Palo Alto) · Microsoft Security Blog · Dark Reading · ↑ top
Latest developments: A dairy manufacturer in Russia's republic of Bashkortostan became the latest food producer there to have operations snarled by a cyberattack; Ukraine's state-owned postal operator reported app disruptions from a suspected attack; and researchers found Russia kept using Cellebrite's phone-cracking tool against a dissident years after the firm said in March 2021 it would stop serving the country.
The war's cyber dimension keeps disrupting civilian infrastructure on both sides while Russian authorities repurpose Western forensic tools for repression. Organizations in the conflict zone should brace for service-disrupting intrusions, and surveillance vendors face fresh questions about controlling deployed gear.
Sources: The Record · The Record · The Record · ↑ top
Latest developments: Polish authorities arrested four members of a cybercrime group that breached telecom partners to run SIM-swapping attacks tied to millions in cryptocurrency theft; investigators seized 44 domains linked to the PirloTV sports-piracy network; and Dark Reading reported that local police collusion keeps Southeast Asian scam centers running despite international pressure.
Law enforcement landed fresh blows against telecom-enabled fraud and illegal streaming, while entrenched corruption still shields the multibillion-dollar scam-center economy. Telecom carriers should tighten SIM-change controls and account-recovery verification.
Sources: BleepingComputer · BleepingComputer · Dark Reading · ↑ top
Latest developments: Homeland Security Secretary Markwayne Mullin told lawmakers that President Trump has met a potential CISA director nominee and that the agency will hire 600 once a director is seated; Microsoft quietly extended free Windows 10 Extended Security Updates for consumers to October 12, 2027; and NIST opened updated IoT security guidance for public review.
U.S. policy moves touched the federal cyber workforce, legacy-operating-system support, and device security baselines. Enterprises still running Windows 10 gain another year of consumer ESU coverage, and IoT vendors can comment on the draft federal requirements.
Sources: The Record · BleepingComputer · SecurityWeek · ↑ top
Latest developments: Symantec and Carbon Black's Threat Hunter Team tied the new Mistic backdoor, also called MLTBackdoor, to the initial access broker Woodgnat, known as KongTuke, which has fed ransomware operations including Qilin, Interlock, Rhysida, Akira, and 8Base, with the implant hitting insurance, education, IT, and professional-services firms since April 2026.
Mistic is a stealthy backdoor spread through ClickFix and ModeloRAT campaigns by a financially motivated access broker active since May 2024. Affected sectors should watch for KongTuke lures that precede ransomware deployment.
Sources: Help Net Security · The Hacker News · ↑ top
Latest developments: Island researchers found that Adblock for YouTube, a Chrome extension carrying more than 10 million installs and a Featured badge on the Chrome Web Store, holds dormant code able to execute arbitrary JavaScript on pages users visit.
The extension, ID cmedhionkhpnakcndndgjdbohmhepckk, advertises ad blocking yet conceals script-injection capability that could hijack browsing sessions. Users should remove it and audit their installed extensions.
Sources: The Hacker News · ↑ top
Latest developments: Apple raised MacBook and iPad prices 20% on June 25, blaming an AI-driven memory shortage, and shed about $263 billion in market value the same day Micron's blowout results sent chip shares climbing.
Micron Technology posted a 15-fold profit surge on AI-fueled demand for computer memory, driving a chipmaker rally, while Apple cited the same memory shortage for its first major price increases on MacBooks and iPads and absorbed one of the largest single-day market-capitalization losses on record.
Sources: FT World · FT World · WSJ Markets · ↑ top
Tonight: Showers And Thunderstorms Likely then Chance Showers And Thunderstorms, low 64F.
Friday: Mostly Cloudy then Isolated Showers And Thunderstorms, high 82F.
Friday Night: Isolated Showers And Thunderstorms then Showers And Thunderstorms, low 65F.
Latest developments: Schwebel's bakery outlet stores across western Pennsylvania will shut down as part of the company's wind-down, WTAE reported June 25.
Schwebel Baking Company, the bread maker that announced its liquidation after more than 120 years, will close its Schwebel's retail outlet stores in the region, pulling a longtime brand from local shelves.
Latest developments: The Pennsylvania House passed bills June 25 letting municipalities impose moratoriums on data-center projects and limiting their tax breaks, moving past the committee stage they cleared earlier.
Responding to growing backlash over data centers' energy and water demands, the Pennsylvania House approved legislation allowing local governments to pause data-center development and curbing the tax incentives the projects receive.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: A plan to divert taxes from new Downtown construction into renovating the district drew objections from transit advocates over transparency and equity, PublicSource reported June 25.
With Downtown Pittsburgh languishing in the post-pandemic shift to remote work, a proposal would channel tax revenue generated by new construction into funding district renovations, a plan transit advocates question on fairness grounds.
Sources: PublicSource · ↑ top
Latest developments: Fayette County leaders launched a privately funded feasibility study June 25 to find new uses for the Penn State Fayette campus near Uniontown, which closes after one more academic year.
Penn State will shut its Fayette branch campus near Uniontown within a year, and County Commissioner Scott Dunn said the county wants to repurpose the site as an educational hub with multiple partners.
Latest developments: Workers at the Westmoreland County 911 Center and the county commission pressed for an increase to the emergency surcharge, unchanged for more than three years, WTAE reported June 25.
Staff at the Westmoreland County 911 Center say rising labor and technology costs have outstripped the surcharge that funds emergency dispatch, which has not risen in over three years.
Latest developments: U.S. Representative Chris Deluzio of Allegheny County came out against the Take Care of America's Veterans Act, which he says would cut benefits, KDKA reported June 25.
Congressman Chris Deluzio joined opposition to the Take Care of America's Veterans Act, arguing it would reduce care and benefits for disabled veterans like Allegheny County Army veteran Craig Romanovich.
Latest developments: NEXTpittsburgh's weekend guide spotlights the Pittsburgh Dance Workshop and Choreography Festival, running through Saturday, June 27.
The Pittsburgh Dance Workshop and Choreography Festival runs Thursday, June 25, through Saturday, June 27, at the Charity Randall Theatre in Oakland, presenting original works by emerging and established choreographers from the region and beyond at various times.
Sources: NEXTpittsburgh Events · ↑ top
Latest developments: The Post-Gazette reported June 24 that former 'Dance Moms' star Nia Sioux will perform with Pittsburgh CLO at the Benedum Center.
Nia Sioux, who rose to fame on 'Dance Moms,' returns to Pittsburgh to perform in the Pittsburgh CLO production of 'Mean Girls' at the Benedum Center, Downtown.
Sources: Post-Gazette Arts & Entertainment · ↑ top
Pirates (41-40)
Wed Jun 24 · Mariners 1 · Pirates 11 · Final
Ashcraft, Rodriguez, O'Hearn help Pirates rout AL West-leading Mariners 11-1
Thu Jun 25 · Mariners 1 · Pirates 5 · Final
Brandon Lowe, Henry Davis each homer to lead Pirates over Mariners 5-1
Up Next · Reds @ Pirates · Fri Jun 26, 6:40 PM
Latest developments: The Post-Gazette assessed June 25 how the injury-riddled Pirates fill the gap after first baseman Spencer Horwitz landed on the injured list.
The Pittsburgh Pirates placed first baseman Spencer Horwitz on the injured list, deepening a run of injuries, as the beat weighs replacements and the rehab timeline for top prospect Konnor Griffin.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: Post-Gazette columnist Noah Hiles argued June 24 that the Pirates have not earned the right to add at the MLB trade deadline.
In a Post-Gazette column, Noah Hiles wrote that even with ace Paul Skenes, the Pirates' play under general manager Ben Cherington and owner Bob Nutting leaves them undeserving of buying at the deadline.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: A Post-Gazette film study June 24 praised Steelers rookie safety Robert Spears-Jennings for his effort and special-teams value.
The Post-Gazette broke down Steelers rookie safety Robert Spears-Jennings, drafted out of Oklahoma, highlighting his motor and likely early contribution on special teams.
Sources: Post-Gazette Steelers · ↑ top
Latest developments: Already through as Group D winners, the United States faced Türkiye in its finale at Los Angeles Stadium with a heavily rotated lineup and Christian Pulisic left out.
Manager Mauricio Pochettino rotated his squad for the U.S. men's dead-rubber Group D match against Türkiye, sitting Christian Pulisic, as the Americans turn attention to the round of 32.
Sources: Guardian World Cup 2026 · ESPN Soccer · ↑ top
Latest developments: Five-time U.S. Olympian Hilary Knight signed a two-year contract extension with PWHL Detroit on June 25, securing her through the 2028-29 season.
Hilary Knight, the veteran forward and five-time United States Olympian, extended her deal with her new PWHL expansion club in Detroit, keeping her under contract through 2028-29.
Sources: ESPN Olympics · ↑ top
S&P 500 7,410.91 ▼ -0.7% Dow 51,742.75 ▲ +0.6% Nasdaq 25,821.36 ▼ -1.3% WTI crude 74.35 ▼ -11.4% EUR/USD 1.1416 ▼ -1.4% GBP/USD 1.3205 ▼ -1.5% USD/JPY 161.53 ▲ +0.8%