daily plain-text briefing: security, markets, business, and pittsburgh
The FBI and CISA warn that Russian intelligence now steals Signal Backup Recovery Keys to read victims' entire encrypted message history.
Latest developments: The FBI and CISA updated their March 2026 advisory on June 26 to warn that Russian intelligence phishing now tricks Signal users into handing over their Backup Recovery Key, which restores the full message history and keeps working after the theft, while Ukraine's SBU detailed the fake tech-support crews running the operation.
Russian Intelligence Services phish users of Signal, WhatsApp, and Telegram by posing as tech support to harvest credentials and link rogue devices; reject unsolicited device-linking and recovery-key requests.
Sources: BleepingComputer · The Hacker News · CISA Advisories · The Record · ↑ top
Latest developments: Cisco acquired non-human-identity startups Astrix and WideField to make identity the control plane for autonomous AI agents, Proof launched x401, an open protocol for verifying the identity behind agents, and BleepingComputer flagged threat actors spinning up fraudulent OpenAI organization tenants to phish company secrets from employees they invite.
AI agents inherit human permissions and act at machine speed, outpacing identity governance designed for people; vendors are racing to bolt on non-human-identity controls as attackers exploit the same agentic tools.
Sources: Dark Reading · Help Net Security · BleepingComputer · The Hacker News · ↑ top
Latest developments: The Linux Foundation launched Akrites on June 26, an industry initiative joining technology firms, banks, security vendors, and AI companies to report, patch, and disclose vulnerabilities in widely used open-source software, while a separate Open Source Sustainability Initiative took aim at securing end-of-life projects.
Both efforts respond to AI shortening the gap between flaw discovery and exploitation, giving maintainers funded channels for coordinated disclosure and giving enterprises a path to manage aging, out-of-support code.
Sources: Help Net Security · SecurityWeek · Dark Reading · ↑ top
Latest developments: JFrog Security Research published a working DirtyClone exploit on June 25 for CVE-2026-43503 in the DirtyFrag family, and a public exploit for pedit COW, CVE-2026-46331 in the act_pedit traffic-control action, appeared within a day of its June 16 assignment.
Both flaws let a local unprivileged Linux user corrupt shared page-cache memory and gain root; Red Hat rates them high severity and patches have landed upstream, so administrators should update kernels now.
Sources: The Hacker News · The Hacker News · ↑ top
Latest developments: A database of nearly one million passports from around the world leaked after attackers hit an age-verification system used by cannabis dispensaries, and the Pentagon opened an inquiry into the Dialog data exposure that unmasked a senior White House intelligence official and an active-duty special operations officer.
Both incidents show high-value credentials and identities spilling through low-value ancillary systems; affected people face heightened identity-theft and targeting risk.
Sources: Schneier on Security · Wired Security · ↑ top
Latest developments: CISA gave federal agencies until Sunday, June 28, to patch CVE-2026-20230, a server-side request forgery flaw in Cisco Unified Communications Manager that attackers are actively exploiting through automated Tor sweeps dropping webshells.
The high-severity bug opens a file-write path to root on Cisco's enterprise voice platform; Cisco has shipped fixes, and all operators should apply them immediately.
Sources: BleepingComputer · ↑ top
Latest developments: Oil futures climbed back above $70 a barrel and the S&P 500 logged its fifth straight losing session on June 26 as Washington confirmed the fresh strikes, leaving the ceasefire between the two adversaries in doubt.
The United States launched military strikes on Iran after a drone attack on a cargo ship in the Strait of Hormuz that President Trump called a ceasefire violation, reviving fears of a wider Middle East conflict and an energy-supply shock.
Sources: WSJ World News · FT World · WSJ Markets · ↑ top
Latest developments: Trump warned on June 26 that he would impose a 100% tariff on any country that implements a digital services tax, saying the levy would supersede existing trade deals.
The threat targets nations, including European states, that tax U.S. technology giants' digital revenue, sharpening trade tensions as the International Monetary Fund's departing chief economist, Pierre-Olivier Gourinchas, warned that tit-for-tat trade warfare is self-defeating and threatens the global economy.
Sources: FT Home · FT Markets · ↑ top
Today: Showers And Thunderstorms, high 79F.
Tonight: Showers And Thunderstorms Likely then Patchy Fog, low 66F.
Sunday: Partly Sunny then Chance Showers And Thunderstorms, high 85F.
Latest developments: Dress For Success Pittsburgh, When She Thrives, and partners held the EmployHer job fair in Homestead this week to help women change industries or start careers.
EmployHer, a collaboration led by Dress For Success Pittsburgh and its director of community engagement, Liz Mims, ran a Homestead job fair connecting women with employers across every career stage.
Latest developments: The Post-Gazette profiled Starfire, the Cambria County pyrotechnics firm, on June 27 ahead of the Independence Day fireworks show over Pittsburgh.
Starfire, a family-run fireworks company based in Cambria County, designs and fires Pittsburgh's July 4 display, with its operators describing themselves as 'a very noisy group.'
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: The Justice Department announced late June 26 it is suing Pennsylvania and three other states to force them to hand over food-stamp applicant data.
The federal suit demands Supplemental Nutrition Assistance Program applicant records that Pennsylvania and three other states have refused to provide, setting up a fight over data privacy and federal authority.
Latest developments: A lawsuit challenges a Trump administration rule that plaintiffs say puts reproductive health care for 160,000 Pennsylvania patients at risk, the Post-Gazette reported June 27.
The suit targets a federal Title X family-planning rule that the complaint warns would cut off reproductive health services for roughly 160,000 patients across Pennsylvania.
Sources: Pittsburgh Post-Gazette · ↑ top
Latest developments: Cross-examination grew tense June 26 in the fifth and final hearing session over the Woodland Hills school board's vote to fire Superintendent Joe Maluchnik.
Superintendent Joe Maluchnik, accused of gender-based discrimination and harassment, is appealing the Woodland Hills school board's decision to fire him in a courtroom-style hearing held across five nights.
Latest developments: Crews closed Point State Park on June 26 to set up for the June 27 Commonwealth Concert, with rapper Frzy opening for headliners Nelly and Third Eye Blind.
The America250PA Commonwealth Concert takes over Point State Park in downtown Pittsburgh on Saturday, June 27, with Frzy opening ahead of headliners Nelly and Third Eye Blind for the nation's 250th-anniversary celebration.
Sources: WTAE · Pittsburgh Post-Gazette · ↑ top
Latest developments: Organizers added metal detectors, ID scanners, and a dedicated line for locals for the festival's June 26-27 return after long entry lines marred opening weekend.
The South Side Street Fest runs a second weekend along the South Side on Friday and Saturday, June 26 and 27, with new metal detectors and ID scanners to speed entry; organizers expect Saturday's larger crowds to test the changes.
Pirates (41-41)
Fri Jun 26 · Reds 6 · Pirates 4 · Final
Marte's tiebreaking homer in 8th after 4-run inning against Skenes helps Reds beat Pirates 6-4
Up Next · Reds @ Pirates · Sat Jun 27, 4:05 PM
Latest developments: The Post-Gazette reported June 26 that Pirates manager Don Kelly notched his 100th career managerial win, with players saying 'he deserves it.'
Pittsburgh Pirates manager Don Kelly reached 100 career wins, a milestone the clubhouse celebrated while hoping a postseason push follows.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: The Pirates activated top prospect Konnor Griffin from the injured list on June 26, adding reinforcement to an injury-thinned roster.
Pittsburgh brought prospect Konnor Griffin back from the injured list, a needed lift for a Pirates lineup depleted by injuries to first baseman Spencer Horwitz and others.
Sources: Post-Gazette Pirates · ↑ top
Latest developments: Former tight end Eric Ebron appeared on Cam Heyward's 'Not Just Football' on June 24, discussing Andrew Luck's retirement, the 11-0 Steelers team, and his own retirement at 28.
On Cam Heyward's 'Not Just Football' podcast, ex-Steeler Eric Ebron shared locker-room stories from his stops in Detroit, Indianapolis, and Pittsburgh and reflected on walking away from the game at 28.
Sources: Not Just Football with Cam Heyward · ↑ top
Latest developments: The United States, already through as Group D winner, lost 3-2 to Türkiye in its group finale, and Christian Pulisic returned from a calf injury to a bright start, ESPN reported June 27.
Mauricio Pochettino's second-string United States lost 3-2 to Türkiye in a dead-rubber group finale that offered lessons on his backups before the World Cup round of 32 on July 1; Christian Pulisic, back from a left-calf injury, started sharply before the late collapse.
Sources: ESPN Soccer · ESPN Soccer · ↑ top
S&P 500 7,381.60 ▼ -1.4% Dow 51,805.04 ▲ +0.4% Nasdaq 25,577.30 ▼ -2.7% WTI crude 71.90 ▼ -9.0% EUR/USD 1.1382 ▼ -1.3% GBP/USD 1.3200 ▼ -0.8% USD/JPY 161.63 ▲ +0.7%