daily plain-text briefing: security, markets, business, and pittsburgh
Russian intelligence escalated its assault on encrypted messaging by coaxing targets into surrendering Signal backup keys, while attackers weaponized a Cisco Unified CM flaw within a day of disclosure.
Latest developments: The FBI and CISA updated their March 2026 warning on June 26, revealing that Russian Intelligence Services operators now talk targets into surrendering their Signal Backup Recovery Key, which lets the attacker restore the account's backup, read its private and group history, and keep persistent access.
Russian intelligence runs phishing campaigns against Signal and other commercial messaging apps; Ukraine's SBU traced a parallel long-running operation in which fake tech-support workers extracted messaging credentials. Treat unsolicited device-linking or backup-key requests as hostile.
Sources: The Hacker News · CISA Advisories · The Record · ↑ top
Latest developments: The Miasma worm, part of the Mini Shai-Hulud and Hades family, infected fresh npm releases of LeoPlatform and RStreams, abused GitHub Actions workflows, and crossed into the Go ecosystem, while the Linux Foundation launched Akrites, an industry framework uniting tech firms, banks, and AI companies to report, patch, and disclose open-source vulnerabilities as AI compresses the time from discovery to exploitation.
Self-propagating malware keeps poisoning the package registries that feed enterprise builds, and a new coordinated-disclosure framework aims to speed remediation. Pin dependencies and audit CI/CD tokens.
Sources: The Hacker News · Help Net Security · SecurityWeek · ↑ top
Latest developments: Threat actors began creating OpenAI tenants that impersonate real companies and inviting employees to join, harvesting sensitive data through chats and projects, while Cisco acquired Astrix and WideField to secure non-human identities and Proof launched x401, an open protocol that verifies the identity behind AI agents before a service acts.
AI agents and machine identities now operate with human-level access and little oversight, drawing both attackers and a wave of governance tooling. Inventory non-human identities and scrutinize unexpected platform invitations.
Sources: BleepingComputer · Dark Reading · Help Net Security · ↑ top
Latest developments: CISA ordered federal civilian agencies to patch Cisco Unified Communications Manager flaw CVE-2026-20230 by Sunday, June 28, after attackers weaponized the server-side request forgery bug within 24 hours of disclosure to forge root-level access.
CVE-2026-20230 lets unauthenticated attackers reach internal services and escalate to root on Cisco Unified CM and Unified CM Session Management Edition deployments. Patch internet-facing systems immediately.
Sources: BleepingComputer · Dark Reading · ↑ top
Latest developments: JFrog Security Research published the first working exploit for DirtyClone, CVE-2026-43503, on June 25—a DirtyFrag-family kernel bug rated CVSS 8.8 that corrupts file-backed memory through a cloned network packet—landing days after a public exploit for pedit COW, CVE-2026-46331, gave local users root the same way.
Both flaws let an unprivileged local user gain root on Linux by poisoning shared page-cache memory through crafted packets. Apply kernel updates; Red Hat rates pedit COW high severity.
Sources: The Hacker News · The Hacker News · ↑ top
Latest developments: Meta began prototyping real-time facial recognition with a Pentagon supplier for police and military use, and the Pentagon opened an inquiry into the Dialog data exposure after leaked records unmasked a senior White House intelligence official and an active-duty special operations officer.
Government-linked surveillance prototypes and data-exposure incidents are putting the personal details of national security personnel at risk. Officials and agencies face mounting privacy and operational-security exposure.
Sources: Schneier on Security · Wired Security · ↑ top
Latest developments: Trump issued a 100% tariff threat against Europe on June 26, a day after the European Union approved tariff cuts on American goods.
President Trump threatened a 100% tariff on any country that taxes United States digital services, saying the levy would override existing trade deals and putting major European economies on notice as they weigh new taxes on American tech companies.
Sources: WSJ World News · FT World · ↑ top
Latest developments: Trump on June 26 blamed Iran for a drone strike on a cargo ship in the Strait of Hormuz, calling it a foolish violation of the ceasefire.
A drone strike hit a cargo ship in the Strait of Hormuz on Thursday, snarling traffic through the world's busiest oil chokepoint and threatening President Trump's preliminary deal to wind down the Iran war, even as oil futures settled near pre-war levels.
Sources: WSJ World News · WSJ Markets · ↑ top
This Afternoon: Mostly Cloudy, high 81F.
Tonight: Mostly Cloudy then Slight Chance Showers And Thunderstorms, low 64F.
Saturday: Showers And Thunderstorms, high 79F.
Latest developments: WTAE reported June 26 that the Cranberry Township Costco became the first Costco in Pennsylvania to sell beer and wine.
The Costco warehouse in Cranberry Township, Butler County, began selling beer and wine, the first store in the chain's Pennsylvania locations to do so.
Latest developments: Residents lashed out at the proposed Golden Triangle tax-diversion district at a Thursday meeting, TribLive reported June 26.
Pittsburgh's plan to earmark future tax revenue from new Downtown construction for Golden Triangle redevelopment met stiff opposition from residents who questioned its transparency and fairness.
Latest developments: Pittsburgh Regional Transit on June 26 pressed drivers to ride the East Busway during next month's three-week Parkway East closure.
Pittsburgh Regional Transit is steering commuters toward public transit, especially the Wilkinsburg East Busway, ahead of a three-week Parkway East shutdown next month to replace the Commercial Street Bridge.
Latest developments: Allegheny County released the schedule June 26 for overnight northbound I-279 closures next week.
The Allegheny County Department of Public Works will close northbound I-279 overnight next week to demolish Jacks Run Bridge No. 3, which carries Jacks Run Road over the highway.
Latest developments: State health officials issued a strong call to action June 26 as Pennsylvania's measles count climbed.
Pennsylvania health officials, declaring they will not sit back as the virus spreads, escalated their response to a worsening statewide measles outbreak.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: Organizers confirmed June 26 that Anthrocon returns July 2-5 for its 20th anniversary.
Anthrocon, one of the world's largest furry conventions, runs July 2 through July 5 at the David L. Lawrence Convention Center Downtown under the theme 'Critters, Cryptids and Curses,' with more than 16,000 pre-registered and an expected economic impact above $18 million.
Latest developments: Pittsburgh Magazine reported June 26 that Danny Elfman will perform with the Pittsburgh Symphony Orchestra at Heinz Hall.
Composer Danny Elfman brings his 'Symphony of Chaos' to Heinz Hall, Downtown, with the Pittsburgh Symphony Orchestra, his first Pittsburgh appearance in nearly 40 years.
Sources: Pittsburgh Magazine · ↑ top
Latest developments: Organizers said June 26 that Picklesburgh will debut pickleball courts at Arts Landing this year.
Picklesburgh, the annual Downtown food festival, runs July 16-19 and will add pickleball courts at Arts Landing with tournament play, free instructional clinics, and courts featuring commissioned public artwork.
Pirates (41-40)
Thu Jun 25 · Mariners 1 · Pirates 5 · Final
Brandon Lowe, Henry Davis each homer to lead Pirates over Mariners 5-1
Up Next · Reds @ Pirates · Fri Jun 26, 6:40 PM
Latest developments: The Pirates activated rookie shortstop Konnor Griffin from the injured list June 26 and optioned Jack Brannigan to Double-A Altoona.
Pittsburgh reinstated top prospect Konnor Griffin, sidelined since May 31 with a right forearm strain, giving its injury-thinned lineup a boost after his strong rehab stint at Altoona.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: Former tight end Eric Ebron joined 'Not Just Football with Cam Heyward' in an episode posted June 24.
On 'Not Just Football with Cam Heyward,' Eric Ebron walked through his NFL journey across Detroit, Indianapolis, and Pittsburgh, his retirement at 28, and Andrew Luck's career.
Sources: Not Just Football with Cam Heyward · ↑ top
Latest developments: The Post-Gazette reported June 26 that the Pirates marked manager Don Kelly's 100th career win.
Pittsburgh players and staff celebrated manager Don Kelly reaching 100 career wins, with teammates voicing hope that more follow in a postseason push.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: The United States lost 3-2 to Türkiye on June 25, with Pochettino defiantly noting the team still won Group D.
A second-string United States side, already through as Group D winners, fell 3-2 to Türkiye, and coach Mauricio Pochettino sparred with reporters afterward as Christian Pulisic returned from a calf injury before the round-of-32 match against Bosnia-Herzegovina.
Sources: ESPN Soccer · ↑ top
Latest developments: Sources told ESPN on June 26 that Pochettino and U.S. Soccer are holding positive talks over a contract extension.
United States men's coach Mauricio Pochettino and U.S. Soccer have opened positive discussions about extending his contract as the co-hosts head into the World Cup knockout rounds.
Sources: ESPN Soccer · ↑ top
Latest developments: AC Milan named Massimo Calvelli chief executive June 26, a day after rejecting New York City FC's approach for Christian Pulisic.
AC Milan turned down New York City FC's approach for United States attacker Christian Pulisic and installed Massimo Calvelli as chief executive in a bid to restore a winning culture.
Sources: ESPN Soccer · ↑ top
S&P 500 7,410.91 ▼ -0.7% Dow 51,742.75 ▲ +0.6% Nasdaq 25,821.36 ▼ -1.3% WTI crude 73.38 ▼ -9.7% EUR/USD 1.1416 ▼ -1.4% GBP/USD 1.3205 ▼ -1.5% USD/JPY 161.53 ▲ +0.8%