daily plain-text briefing: security, markets, business, and pittsburgh
Russian and Chinese state hackers fielded new espionage backdoors as compromised third-party vendors drained $3 million from Polymarket and widened Europe's ransomware toll.
Latest developments: Kaspersky exposed SharkLoader, a previously undocumented dropper deploying Cobalt Strike Beacon in a campaign it calls StrikeShark against a diplomatic organization in Indonesia and government bodies in Taiwan, while Google's Threat Intelligence Group detailed STOCKSTAY, a new .NET backdoor Russia's Turla aims at Ukrainian government and military networks and parties tracking Italian foreign policy.
SharkLoader hands operators a Cobalt Strike foothold, and STOCKSTAY gives Turla persistent .NET access for long-term espionage. Government, diplomatic, and software-development targets across Asia and Ukraine should hunt for both.
Sources: The Hacker News · Help Net Security · The Hacker News · The Record · ↑ top
Latest developments: AWS patched CVE-2026-12957, a high-severity flaw in Amazon Q Developer that let a malicious repository abuse Model Context Protocol server configs to run commands and steal a developer's cloud credentials the moment they trusted the workspace, as SecurityWeek flagged a broader MCP overhaul that shifts security duties onto developers and platform operators.
Amazon Q Developer is AWS's AI coding assistant; opening a poisoned repository and trusting the workspace handed attackers the developer's AWS keys. AWS has patched the flaw and urges customers to update.
Sources: SecurityWeek · The Hacker News · SecurityWeek · ↑ top
Latest developments: Polymarket pledged to reimburse customers who lost about $3 million after attackers breached a third-party vendor and injected a malicious script into the prediction market's web frontend, while roughly two dozen more companies notified customers of the Klue-Salesforce breach and the hackers themselves got hacked.
Attackers reached Polymarket through a third-party vendor and slipped a script into its frontend to steal user funds, which the firm will reimburse. The parallel Klue-Salesforce breach keeps widening its victim list.
Sources: BleepingComputer · SecurityWeek · SecurityWeek · ↑ top
Latest developments: CISA added CVE-2026-12569, a critical remote-code-execution flaw in PTC Windchill PDMlink and FlexPLM software, to its Known Exploited Vulnerabilities catalog on June 26 after spotting ongoing web-shell attacks, the first confirmed exploitation in the wild.
PTC Windchill manages product designs and engineering data for manufacturers, and the bug grants remote code execution on those servers. Operators should apply PTC's fix and inspect for web shells.
Sources: The Hacker News · SecurityWeek · ↑ top
Latest developments: Dark Reading detailed how meeting President Trump's 2030 post-quantum migration deadline will strain budgets across multivendor IT and OT environments plagued by visibility gaps and misaligned update cycles, as ZeroTier shipped release candidate 2 of ZeroTier Quantum, pushing its CNSA 2.0-compliant quantum-secure networking toward general availability.
An executive order sets a 2030 deadline to migrate federal systems to post-quantum cryptography, and interoperability gaps make compliance costly and complex. Vendors like ZeroTier are racing CNSA 2.0-ready products to market.
Sources: Dark Reading · Help Net Security · ↑ top
Latest developments: Black Kite's 2026 European Cyber Risk Report, drawn from 2,066 ransomware incidents across 31 countries between January 2025 and April 2026, found attacks on European organizations climbing in early 2026 with third-party suppliers now a leading point of entry.
The report ties Europe's rising ransomware toll to weak vendors in the supply chain. Organizations should vet, segment, and monitor their third-party suppliers as a primary defense.
Sources: Help Net Security · ↑ top
Latest developments: The United States launched fresh military strikes on Iran on June 26, escalating past President Trump's earlier verbal blame for the cargo-ship attack a day before.
Washington hit Iran after a drone attack damaged a commercial vessel in the Strait of Hormuz, calling Tehran's move unwarranted aggression against commercial shipping and a breach of the framework ceasefire between the two adversaries; U.S. oil futures climbed back above $70 a barrel in late trading.
Sources: FT World · WSJ World News · ↑ top
Tonight: Cloudy then Slight Chance Showers And Thunderstorms, low 64F.
Saturday: Showers And Thunderstorms, high 79F.
Saturday Night: Showers And Thunderstorms Likely then Slight Chance Showers And Thunderstorms, low 65F.
Latest developments: KDKA reported June 26 that Schwebel Baking Company will begin liquidating and close for good starting July 4, putting a firm date on the previously announced wind-down.
The 120-year-old bread maker Schwebel Baking Company will end production and lay off workers across western Pennsylvania as it pursues a formal liquidation, shuttering a staple regional brand.
Latest developments: WPXI's 11 Investigates reported June 26 that Allegheny County employees are just learning their spouses could be removed from the county's medical insurance plan.
Allegheny County is weighing a major change to worker health benefits that would push employee spouses off the county insurance plan, a cost-cutting move affecting thousands of county workers and their families.
Latest developments: Allegheny County issued a Code Red Heat Advisory for several days next week on June 26 and will open five Pittsburgh cooling centers from 8 a.m. to 7 p.m.
A heat wave will push temperatures high across Allegheny County early next week, prompting the county to open five cooling centers in Pittsburgh and warn residents, following a rainy start to the weekend.
Latest developments: PennDOT closed Commercial Street near Frick Park for a second straight day June 26 for added testing, without explaining why the extra day was needed.
PennDOT shut Commercial Street to test the system that will move a new bridge span into place near Frick Park, extending the closure beyond the single day originally scheduled.
Latest developments: The Post-Gazette reported June 26 that Governor Josh Shapiro favors incentives to make data centers behave, while fellow Pennsylvania Democrats want more aggressive limits.
Governor Josh Shapiro is pitching incentives to shape data-center development in Pennsylvania, splitting with members of his own party in Harrisburg who passed bills letting municipalities impose moratoriums and curb the projects' tax breaks.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: Pittsburgh and America250PA announced June 26 that Nelly and Third Eye Blind will headline the Commonwealth Concert at Point State Park on Saturday, June 27.
The America250PA Commonwealth Concert Series comes to Point State Park in Downtown Pittsburgh on Saturday, June 27, headlined by Nelly and Third Eye Blind, with Pittsburgh native Frzy as special guest and former Steelers quarterback Charlie Batch hosting.
Pirates (41-40)
Thu Jun 25 · Mariners 1 · Pirates 5 · Final
Brandon Lowe, Henry Davis each homer to lead Pirates over Mariners 5-1
Fri Jun 26 · Reds 4 · Pirates 4 · Top 8th (in progress at last update)
Up Next · Reds @ Pirates · Sat Jun 27, 4:05 PM
Latest developments: A Post-Gazette feature June 26 examined why Steelers kicker Chris Boswell and other NFL kickers are booting field goals farther than ever before.
The Post-Gazette dug into the league-wide surge in field-goal distance, using Steelers kicker Chris Boswell as a case study in the technique, equipment, and training behind today's record-long kicks.
Sources: Post-Gazette Steelers · ↑ top
Latest developments: A Post-Gazette mailbag June 26 asked how the Pirates can fix their abysmal success rate on automated ball-strike challenges, alongside All-Star voting and trade-deadline questions.
Beat writers fielded reader questions on the Pirates' poor record challenging calls under the automated ball-strike system, Paul Skenes's All-Star candidacy, and the looming MLB trade deadline.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: A Post-Gazette piece June 25 assessed whether designated hitter Marcell Ozuna is breaking out of the slump that opened his Pirates tenure.
Marcell Ozuna started lousily after joining the Pirates, and the Post-Gazette weighed signs he may finally be hitting his stride under manager Don Kelly.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: Multiple sources told the Guardian June 26 that U.S. Soccer has formally offered Mauricio Pochettino an extension through the 2030 World Cup, moving past the earlier positive talks.
U.S. Soccer has offered men's national team coach Mauricio Pochettino, in charge since late 2024, a contract extension that would keep him through the 2030 World Cup, even as European clubs are likely to pursue him.
Sources: Guardian World Cup 2026 · ↑ top
Latest developments: ESPN reported June 26 that Christian Pulisic, back from a calf injury, looks ready to make his mark as the United States heads into the World Cup round of 32.
Christian Pulisic returned in the 3-2 Group D finale loss to Türkiye after recovering from a left calf injury, and the United States, already through as group winners, plays its round-of-32 match July 1.
Sources: ESPN Soccer · ↑ top
Latest developments: An Idaho prosecutor said June 26 that misdemeanor drug charges against Olympic gold-medal skier Bode Miller will be dismissed.
Prosecutors will drop misdemeanor drug charges against former Olympic champion skier Bode Miller, despite an earlier finding of probable cause for his arrest, an Idaho prosecutor said.
Sources: ESPN Olympics · ↑ top
S&P 500 7,381.60 ▼ -1.4% Dow 51,805.04 ▲ +0.4% Nasdaq 25,577.30 ▼ -2.7% WTI crude 72.11 ▼ -8.7% EUR/USD 1.1382 ▼ -1.3% GBP/USD 1.3200 ▼ -0.8% USD/JPY 161.69 ▲ +0.6%