daily plain-text briefing: security, markets, business, and pittsburgh
Russia's Turla unleashed a fresh STOCKSTAY backdoor on Ukraine as CISA logged the first in-the-wild exploitation of a PTC Windchill flaw and phishing kits sharpened their evasion of multifactor authentication.
Latest developments: CISA added PTC Windchill and FlexPLM remote-code-execution flaw CVE-2026-12569, its first observed in-the-wild exploitation, plus Cisco Unified Communications Manager server-side request forgery flaw CVE-2026-20230 to the Known Exploited Vulnerabilities catalog, while attackers weaponized the Cisco bug within 24 hours and a Lantronix serial-to-IP converter flaw, CVE-2025-67038, came under attack.
The Cisco CUCM flaw grants request forgery and root escalation; administrators must patch Windchill, Cisco Unified CM, and Lantronix devices now.
Sources: SecurityWeek · CISA Advisories · Dark Reading · SecurityWeek · ↑ top
Latest developments: Fortra identified Mirage2FA, a kit pairing short-lived HTML smuggling with obfuscated JavaScript to steal Microsoft 365 logins during MFA prompts; the Bluekit phishing-as-a-service platform added browser-in-the-middle theft and nearly 70 new hostnames in a week; and criminals abused Shopify's Shop order-tracking app, planting fake receipts to trigger callback phishing.
Phishing-as-a-service kits increasingly defeat multifactor authentication and ride trusted apps; train users and tighten Microsoft 365 sign-in monitoring.
Sources: Help Net Security · BleepingComputer · BleepingComputer · ↑ top
Latest developments: Black Kite's 2026 European Cyber Risk Report, drawn from 2,066 ransomware incidents across 31 countries between January 2025 and April 2026, found attacks accelerating with third-party suppliers as a leading entry point, the same day a third-party vendor compromise let hackers steal roughly $3 million from Polymarket users and Dark Reading reported edtech attackers pivoting from schools to their software vendors.
Outside vendors increasingly open the door to ransomware and theft; map supplier access and monitor every third-party connection.
Sources: Help Net Security · SecurityWeek · Dark Reading · ↑ top
Latest developments: Google's Threat Intelligence Group attributed a previously undocumented .NET backdoor, STOCKSTAY, to Turla, which deployed it against Ukrainian government and military organizations and entities interested in Italian foreign policy.
Turla, the Russian FSB-linked espionage group, continually rebuilds the Windows backdoor to steal data from state and defense networks.
Sources: SecurityWeek · The Hacker News · ↑ top
Latest developments: Kaspersky uncovered StrikeShark, a global campaign wielding the previously unknown SharkLoader dropper to compromise government organizations and software development companies across multiple countries, first spotted in an attack on a diplomatic organization in Indonesia.
The unattributed operators and novel dropper mark a fresh espionage actor reaching public-sector and developer targets worldwide.
Sources: Help Net Security · ↑ top
Latest developments: Researchers detailed Gaslight, macOS malware that buries prompt-injection strings and fake debugging data in its executable to mislead AI-assisted analysis tools, while a new paper showed large language models fall for prompt injection because they learn the writing style of role blocks rather than their tags.
Attackers now aim at the AI tooling defenders rely on; treat model-driven triage output as untrusted and verify findings by hand.
Sources: BleepingComputer · Schneier on Security · ↑ top
Latest developments: South Korea's market slid more than 8% on June 26, triggering its second circuit-breaker halt of the week, and a report that OpenAI may delay its public offering deepened a rout that earlier hit memory chips and Apple.
Investors dumping artificial-intelligence-linked shares sent the Kospi down over 8%, pressured Nasdaq futures and chipmakers worldwide, and pushed oil back toward pre-war levels, intensifying doubts about whether the AI boom can sustain its spending.
Sources: WSJ Markets · WSJ Markets · FT World · ↑ top
Latest developments: JPMorgan named Doug Petno and Troy Rohrbaugh co-presidents on June 25, formally opening the contest to succeed 70-year-old chief executive Jamie Dimon.
JPMorgan Chase, the largest U.S. bank, elevated commercial-banking head Doug Petno and markets chief Troy Rohrbaugh to co-presidents, positioning the two as front-runners to eventually replace Jamie Dimon, who has run the firm since 2005.
Sources: WSJ Markets · ↑ top
Today: Mostly Cloudy, high 81F.
Tonight: Showers And Thunderstorms, low 64F.
Saturday: Showers And Thunderstorms Likely then Slight Chance Showers And Thunderstorms, high 80F.
Latest developments: A federal grand jury and the SEC allege a former nuclear engineer used secret information about Constellation Energy's Three Mile Island restart to profit roughly $1.48 million, TribLive reported June 26.
The SEC says a Delaware nuclear engineer traded on nonpublic details of Constellation Energy's plan to reopen the Three Mile Island plant near Harrisburg, making about $1.48 million before the deal became public.
Latest developments: The Hoffmann Family of Companies introduced itself at PPG Paints Arena on June 26, vowing to keep the Penguins in Pittsburgh, after the NHL approved the sale earlier this week.
Pittsburgh's new Penguins owners, the Hoffmann Family of Companies, told a PPG Paints Arena press conference they bought a Squirrel Hill home, have no plans to move the team, and floated changing the franchise's ECHL affiliation, with Kyle Dubas staying on.
Latest developments: The Post-Gazette detailed June 26 the community loss as Schwebel Baking Company winds down, following the liquidation and outlet-store closures already reported.
Schwebel Baking Company's wind-down after 120 years strands western Pennsylvania workers and longtime customers, the Post-Gazette reported, describing 'a heavy impact' across the region's neighborhoods.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: PennDOT crews closed Commercial Street and the Nine Mile Run trail on June 26 to test the equipment that will slide a 22-million-pound replacement span into place next month, the step previewed earlier this week.
PennDOT ran a full equipment test under Interstate 376 near Frick Park for the Commercial Street bridge replacement, ahead of a planned I-376 closure next month to move the new 22-million-pound span.
Latest developments: An Allegheny County Council committee heard public testimony June 25 on a proposal granting county employees 18 weeks of paid parental leave.
Allegheny County Council's committee took public comment on an 18-week paid-parental-leave plan for county workers, with UPMC Magee-Womens Hospital nurse Jean Stone among those urging a stronger policy across the Pittsburgh region.
Latest developments: Suspended Woodland Hills superintendent Joe Maluchnik testified June 25 on the fifth night of his public firing hearing, telling his side for the first time.
Joe Maluchnik, the suspended Woodland Hills School District superintendent, told the public hearing over his firing that the district resisted his efforts to improve it, his first account of the months-long dispute.
Pirates (41-40)
Thu Jun 25 · Mariners 1 · Pirates 5 · Final
Brandon Lowe, Henry Davis each homer to lead Pirates over Mariners 5-1
Up Next · Reds @ Pirates · Fri Jun 26, 6:40 PM
Latest developments: A Post-Gazette feature June 26 examined why Steelers kicker Chris Boswell and NFL kickers leaguewide are making field goals from record distances.
The Post-Gazette traced the equipment, technique, and rule changes letting kickers like the Steelers' Chris Boswell set distance records, part of an NFL-wide surge in long field goals.
Sources: Post-Gazette Steelers · ↑ top
Latest developments: A Post-Gazette analysis June 25 weighed whether Marcell Ozuna is finally heating up after a lousy start with the Pirates.
Pirates designated hitter Marcell Ozuna, brought in to add power, has shown recent signs of life at the plate, the Post-Gazette reported alongside notes on manager Don Kelly, Ryan O'Hearn, and Oneil Cruz.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: Eric Ebron appeared on Cam Heyward's 'Not Just Football' podcast, posted June 24, discussing Andrew Luck's retirement and the 11-0 Steelers team.
On Cam Heyward's 'Not Just Football,' former tight end Eric Ebron shared locker-room stories from Detroit, Indianapolis, and Pittsburgh, reflected on his own retirement at 28, and touched on Bill Belichick taking over North Carolina.
Sources: Not Just Football with Cam Heyward · ↑ top
Latest developments: Türkiye beat the United States 3-2 on Kaan Ayhan's final-kick goal Thursday, June 25, and the U.S., already Group D winners, drew Bosnia and Herzegovina in the round of 32 at Santa Clara on Wednesday, July 1.
Mauricio Pochettino's heavily rotated United States side conceded three goals at SoFi Stadium in Inglewood, with backup keeper Matt Turner faulted, in a meaningless group finale that still left the co-hosts atop Group D and bound for a knockout match against Bosnia and Herzegovina.
Sources: ESPN Soccer · Guardian World Cup 2026 · ↑ top
Latest developments: Christian Pulisic came off the bench against Türkiye and looks ready to start the United States' round-of-32 game versus Bosnia and Herzegovina, ESPN reported June 26.
Christian Pulisic, recovered from the calf injury that limited him in the group stage, substituted on against Türkiye and is positioned to lead the U.S. attack in its first knockout match.
Sources: ESPN Soccer · ↑ top
S&P 500 7,410.91 ▼ -0.7% Dow 51,742.75 ▲ +0.6% Nasdaq 25,821.36 ▼ -1.3% WTI crude 73.38 ▼ -9.7% EUR/USD 1.1416 ▼ -1.4% GBP/USD 1.3205 ▼ -1.5% USD/JPY 161.53 ▲ +0.8%