================================================================
INFOSECFOLLOW -- security, markets, business, pittsburgh
Saturday, June 27, 2026 - 6:06 AM EDT
================================================================

The FBI and CISA warn that Russian intelligence now steals Signal Backup Recovery Keys to read victims' entire encrypted message history.

CONTENTS: Emerging Trends and Key Updates | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets

EMERGING TRENDS AND KEY UPDATES
----------------------------------------------------------------

* [TREND] Cisco's purchase of Astrix and WideField makes machine identity the new control plane for the autonomous AI agents now flooding into production.
  see: AI Agent Identity Becomes the New Control Plane

* [TREND] Russian intelligence phishing now coaxes Signal users into surrendering their Backup Recovery Keys, showing a human handoff can defeat end-to-end encryption.
  see: Russia Targets Signal Backup Recovery Keys

* [TREND] A shrinking gap between disclosure and exploitation drove the Akrites launch, public root exploits for pedit COW and DirtyClone, and CISA's order to patch Cisco Unified CM.
  see: Linux Foundation Launches Akrites for Open Source; Linux Kernel Root Exploits: pedit COW and DirtyClone; CISA Orders Urgent Cisco Unified CM Patch

* [TREND] Sensitive personal records are in play as a million-passport leak and a Pentagon inquiry collide with the Justice Department's suit to seize Pennsylvania SNAP applicant data.
  see: Passport and Pentagon Data Exposures; Justice Department Sues Pennsylvania Over SNAP Data

* [UPDATE (new)] Markets wobbled as fresh U.S. strikes on Iran pushed oil back above $70 and Trump threatened a 100% tariff on countries adopting digital services taxes.
  see: U.S. Strikes on Iran Push Oil Back Above $70; Trump Threatens 100% Tariff Over Digital Services Taxes

* [TREND] AI skepticism colors the Reading list, from Zitron's bubble dispatches to Newport's critique of doom trolling, while Figma's Dylan Field argues AI is a tailwind.
  see: Premium: Notes From The Bubble, Volume 1; Dear AI Companies: Stop the "Doom Trolling"; An Interview with Figma CEO Dylan Field About Design and AI

SECURITY
----------------------------------------------------------------

1. RUSSIA TARGETS SIGNAL BACKUP RECOVERY KEYS
   Nation-State Activity · [apt, phishing, nation-state]
   Latest developments: The FBI and CISA updated their March 2026 advisory on June 26 to warn that Russian intelligence phishing now tricks Signal users into handing over their Backup Recovery Key, which restores the full message history and keeps working after the theft, while Ukraine's SBU detailed the fake tech-support crews running the operation.
   Russian Intelligence Services phish users of Signal, WhatsApp, and Telegram by posing as tech support to harvest credentials and link rogue devices; reject unsolicited device-linking and recovery-key requests.
   - BleepingComputer: https://www.bleepingcomputer.com/news/security/fbi-russian-hackers-now-target-signal-backup-recovery-keys/
   - The Hacker News: https://thehackernews.com/2026/06/fbi-warns-russian-intelligence-hackers.html
   - CISA Advisories: https://www.cisa.gov/resources-tools/resources/russian-intelligence-services-continue-target-commercial-messaging-applications
   - The Record: https://therecord.media/russia-ukraine-social-engineering-messaging-accounts

2. AI AGENT IDENTITY BECOMES THE NEW CONTROL PLANE
   AI Security · [ai, identity, phishing]
   Latest developments: Cisco acquired non-human-identity startups Astrix and WideField to make identity the control plane for autonomous AI agents, Proof launched x401, an open protocol for verifying the identity behind agents, and BleepingComputer flagged threat actors spinning up fraudulent OpenAI organization tenants to phish company secrets from employees they invite.
   AI agents inherit human permissions and act at machine speed, outpacing identity governance designed for people; vendors are racing to bolt on non-human-identity controls as attackers exploit the same agentic tools.
   - Dark Reading: https://www.darkreading.com/identity-access-management-security/cisco-adds-nhi-security-stack-with-astrix-widefield
   - Help Net Security: https://www.helpnetsecurity.com/2026/06/26/proofs-x401-establishes-an-open-protocol-for-ai-agent-identity-and-authorization/
   - BleepingComputer: https://www.bleepingcomputer.com/news/security/cybersecurity-firms-targeted-by-fraudulent-openai-organization-invites/
   - The Hacker News: https://thehackernews.com/2026/06/guardian-agents-next-layer-of-identity.html

3. LINUX FOUNDATION LAUNCHES AKRITES FOR OPEN SOURCE
   Application Security · [open-source, policy, patch]
   Latest developments: The Linux Foundation launched Akrites on June 26, an industry initiative joining technology firms, banks, security vendors, and AI companies to report, patch, and disclose vulnerabilities in widely used open-source software, while a separate Open Source Sustainability Initiative took aim at securing end-of-life projects.
   Both efforts respond to AI shortening the gap between flaw discovery and exploitation, giving maintainers funded channels for coordinated disclosure and giving enterprises a path to manage aging, out-of-support code.
   - Help Net Security: https://www.helpnetsecurity.com/2026/06/26/akrites-open-source-security-framework/
   - SecurityWeek: https://www.securityweek.com/linux-foundation-unveils-new-open-source-security-project-akrites/
   - Dark Reading: https://www.darkreading.com/application-security/initiative-tackles-security-end-of-life-open-source

4. LINUX KERNEL ROOT EXPLOITS: PEDIT COW AND DIRTYCLONE
   Vulnerabilities and Exploits · [privilege-escalation, linux, exploit]
   Latest developments: JFrog Security Research published a working DirtyClone exploit on June 25 for CVE-2026-43503 in the DirtyFrag family, and a public exploit for pedit COW, CVE-2026-46331 in the act_pedit traffic-control action, appeared within a day of its June 16 assignment.
   Both flaws let a local unprivileged Linux user corrupt shared page-cache memory and gain root; Red Hat rates them high severity and patches have landed upstream, so administrators should update kernels now.
   - The Hacker News: https://thehackernews.com/2026/06/new-linux-pedit-cow-exploit-enables.html
   - The Hacker News: https://thehackernews.com/2026/06/new-dirtyclone-linux-kernel-flaw-lets.html

5. PASSPORT AND PENTAGON DATA EXPOSURES
   Data Breaches · [breach, data-leak]
   Latest developments: A database of nearly one million passports from around the world leaked after attackers hit an age-verification system used by cannabis dispensaries, and the Pentagon opened an inquiry into the Dialog data exposure that unmasked a senior White House intelligence official and an active-duty special operations officer.
   Both incidents show high-value credentials and identities spilling through low-value ancillary systems; affected people face heightened identity-theft and targeting risk.
   - Schneier on Security: https://www.schneier.com/blog/archives/2026/06/one-million-passports-leaked-online.html
   - Wired Security: https://www.wired.com/story/the-pentagon-is-looking-into-the-dialog-data-exposure-for-unmasking-national-security-officials/

6. CISA ORDERS URGENT CISCO UNIFIED CM PATCH
   Vulnerabilities and Exploits · [patch, exploit, cisco]
   Latest developments: CISA gave federal agencies until Sunday, June 28, to patch CVE-2026-20230, a server-side request forgery flaw in Cisco Unified Communications Manager that attackers are actively exploiting through automated Tor sweeps dropping webshells.
   The high-severity bug opens a file-write path to root on Cisco's enterprise voice platform; Cisco has shipped fixes, and all operators should apply them immediately.
   - BleepingComputer: https://www.bleepingcomputer.com/news/security/cisa-sets-urgent-deadline-to-fix-cisco-flaw-exploited-in-attacks/

BUSINESS AND POLITICS
----------------------------------------------------------------

* U.S. Strikes on Iran Push Oil Back Above $70
  Latest developments: Oil futures climbed back above $70 a barrel and the S&P 500 logged its fifth straight losing session on June 26 as Washington confirmed the fresh strikes, leaving the ceasefire between the two adversaries in doubt.
  The United States launched military strikes on Iran after a drone attack on a cargo ship in the Strait of Hormuz that President Trump called a ceasefire violation, reviving fears of a wider Middle East conflict and an energy-supply shock.
  - WSJ World News: https://www.wsj.com/world/middle-east/trump-says-iranian-attack-on-cargo-ship-was-violation-of-ceasefire-deal-884c617c
  - FT World: https://www.ft.com/content/f9a4ca8d-d29c-4a7d-8791-8999d84317ae
  - WSJ Markets: https://www.wsj.com/finance/commodities-futures/oil-futures-fall-on-likely-technical-correction-93e57fe0?mod=rss_markets_main

* Trump Threatens 100% Tariff Over Digital Services Taxes
  Latest developments: Trump warned on June 26 that he would impose a 100% tariff on any country that implements a digital services tax, saying the levy would supersede existing trade deals.
  The threat targets nations, including European states, that tax U.S. technology giants' digital revenue, sharpening trade tensions as the International Monetary Fund's departing chief economist, Pierre-Olivier Gourinchas, warned that tit-for-tat trade warfare is self-defeating and threatens the global economy.
  - FT Home: https://www.ft.com/content/5d886d47-c509-44a4-9077-bcd25158b61e
  - FT Markets: https://www.ft.com/content/8199cd6d-e513-4c9a-9beb-8a7acd2b65dc

PITTSBURGH
----------------------------------------------------------------

Weather:
  Today: Showers And Thunderstorms, high 79F.
  Tonight: Showers And Thunderstorms Likely then Patchy Fog, low 66F.
  Sunday: Partly Sunny then Chance Showers And Thunderstorms, high 85F.

Business:

* EmployHer Job Fair Draws Women in Homestead
  Latest developments: Dress For Success Pittsburgh, When She Thrives, and partners held the EmployHer job fair in Homestead this week to help women change industries or start careers.
  EmployHer, a collaboration led by Dress For Success Pittsburgh and its director of community engagement, Liz Mims, ran a Homestead job fair connecting women with employers across every career stage.
  - KDKA: https://www.cbsnews.com/pittsburgh/news/employher-pop-up-career-events/

* Cambria County's Starfire Powers Pittsburgh's July 4
  Latest developments: The Post-Gazette profiled Starfire, the Cambria County pyrotechnics firm, on June 27 ahead of the Independence Day fireworks show over Pittsburgh.
  Starfire, a family-run fireworks company based in Cambria County, designs and fires Pittsburgh's July 4 display, with its operators describing themselves as 'a very noisy group.'
  - Pittsburgh Post-Gazette: https://www.post-gazette.com/local/city/2026/06/27/fireworks-fourth-of-july-starfire/stories/202606260049

Around town:

* Justice Department Sues Pennsylvania Over SNAP Data
  Latest developments: The Justice Department announced late June 26 it is suing Pennsylvania and three other states to force them to hand over food-stamp applicant data.
  The federal suit demands Supplemental Nutrition Assistance Program applicant records that Pennsylvania and three other states have refused to provide, setting up a fight over data privacy and federal authority.
  - TribLive: https://triblive.com/news/pennsylvania/justice-department-sues-pa-other-states-for-refusing-to-provide-snap-applicant-data/

* Lawsuit Says Title X Rule Imperils Pa. Reproductive Care
  Latest developments: A lawsuit challenges a Trump administration rule that plaintiffs say puts reproductive health care for 160,000 Pennsylvania patients at risk, the Post-Gazette reported June 27.
  The suit targets a federal Title X family-planning rule that the complaint warns would cut off reproductive health services for roughly 160,000 patients across Pennsylvania.
  - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/health/2026/06/27/reproductive-health-care-pa-title-x-lawsuit/stories/202606270010

* Woodland Hills Superintendent Firing Hearing Turns Tense
  Latest developments: Cross-examination grew tense June 26 in the fifth and final hearing session over the Woodland Hills school board's vote to fire Superintendent Joe Maluchnik.
  Superintendent Joe Maluchnik, accused of gender-based discrimination and harassment, is appealing the Woodland Hills school board's decision to fire him in a courtroom-style hearing held across five nights.
  - KDKA: https://www.cbsnews.com/pittsburgh/news/woodland-hills-superintendent-closing-arguments-hearing/

Events:

* America250PA Concert at Point State Park
  Latest developments: Crews closed Point State Park on June 26 to set up for the June 27 Commonwealth Concert, with rapper Frzy opening for headliners Nelly and Third Eye Blind.
  The America250PA Commonwealth Concert takes over Point State Park in downtown Pittsburgh on Saturday, June 27, with Frzy opening ahead of headliners Nelly and Third Eye Blind for the nation's 250th-anniversary celebration.
  - WTAE: https://www.wtae.com/article/point-state-park-closed-ahead-america250pa-concert-saturday/71751092
  - Pittsburgh Post-Gazette: https://www.post-gazette.com/life/recreation/2026/06/25/things-to-do-this-weekend-pittsburgh-5/stories/202606250011

* South Side Street Fest's Second Weekend
  Latest developments: Organizers added metal detectors, ID scanners, and a dedicated line for locals for the festival's June 26-27 return after long entry lines marred opening weekend.
  The South Side Street Fest runs a second weekend along the South Side on Friday and Saturday, June 26 and 27, with new metal detectors and ID scanners to speed entry; organizers expect Saturday's larger crowds to test the changes.
  - KDKA: https://www.cbsnews.com/pittsburgh/news/south-side-street-fest-information-second-weekend/

SPORTS
----------------------------------------------------------------

Pirates (41-41)
  Fri Jun 26 · Reds 6 · Pirates 4 · Final
  Marte's tiebreaking homer in 8th after 4-run inning against Skenes helps Reds beat Pirates 6-4
  https://plaintextsports.com/mlb/2026-06-26/cin-pit
  Up Next · Reds @ Pirates · Sat Jun 27, 4:05 PM
  https://plaintextsports.com/mlb/2026-06-27/cin-pit

Around the Teams:

* Pirates Celebrate Don Kelly's 100th Win
  Latest developments: The Post-Gazette reported June 26 that Pirates manager Don Kelly notched his 100th career managerial win, with players saying 'he deserves it.'
  Pittsburgh Pirates manager Don Kelly reached 100 career wins, a milestone the clubhouse celebrated while hoping a postseason push follows.
  - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/26/kelly-100-wins-manager-mlb-postseason/stories/202606250057

* Pirates Activate Konnor Griffin From the IL
  Latest developments: The Pirates activated top prospect Konnor Griffin from the injured list on June 26, adding reinforcement to an injury-thinned roster.
  Pittsburgh brought prospect Konnor Griffin back from the injured list, a needed lift for a Pirates lineup depleted by injuries to first baseman Spencer Horwitz and others.
  - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/26/konnor-griffin-injury-il-activate-brannigan/stories/202606260067

* Eric Ebron Joins 'Not Just Football'
  Latest developments: Former tight end Eric Ebron appeared on Cam Heyward's 'Not Just Football' on June 24, discussing Andrew Luck's retirement, the 11-0 Steelers team, and his own retirement at 28.
  On Cam Heyward's 'Not Just Football' podcast, ex-Steeler Eric Ebron shared locker-room stories from his stops in Detroit, Indianapolis, and Pittsburgh and reflected on walking away from the game at 28.
  - Not Just Football with Cam Heyward: https://www.youtube.com/watch?v=KgmEBua4Rog

Team USA:

* USMNT Falls to Türkiye Before Round of 32
  Latest developments: The United States, already through as Group D winner, lost 3-2 to Türkiye in its group finale, and Christian Pulisic returned from a calf injury to a bright start, ESPN reported June 27.
  Mauricio Pochettino's second-string United States lost 3-2 to Türkiye in a dead-rubber group finale that offered lessons on his backups before the World Cup round of 32 on July 1; Christian Pulisic, back from a left-calf injury, started sharply before the late collapse.
  - ESPN Soccer: https://www.espn.com/soccer/story/_/id/49183383/usmnt-heed-world-cup-lessons-learned-loss-turkiye
  - ESPN Soccer: https://www.espn.com/soccer/story/_/id/49184846/christian-pulisic-return-vs-turkiye-looks-ready-make-mark-usmnt-world-cup

READING
----------------------------------------------------------------

* Ed Zitron -- Premium: Notes From The Bubble, Volume 1
  Zitron launches a running series of dispatches chronicling what he sees as the inflating AI and tech bubble, tracking the industry's strained finances and hype in real time.
  https://www.wheresyoured.at/premium-notes-from-the-bubble-volume-1/

* Stratechery -- An Interview with Figma CEO Dylan Field About Design and AI
  Ben Thompson interviews Figma chief executive Dylan Field on building the company and why Field believes AI gives the design platform a tailwind rather than a threat.
  https://stratechery.com/2026/an-interview-with-figma-ceo-dylan-field-about-design-and-ai/

* Cal Newport -- Dear AI Companies: Stop the "Doom Trolling"
  Newport argues that AI companies erode public trust by publishing alarmist warnings about the dangers of their own products, a self-defeating posture he likens to a carmaker fear-mongering over its bestselling truck.
  https://calnewport.com/dear-ai-companies-stop-the-doom-trolling/

MARKETS (weekly average, change vs prior week)
----------------------------------------------------------------
S&P 500      7,381.60   ▼ -1.4%
Dow         51,805.04   ▲ +0.4%
Nasdaq      25,577.30   ▼ -2.7%
WTI crude       71.90   ▼ -9.0%
EUR/USD        1.1382   ▼ -1.3%
GBP/USD        1.3200   ▼ -0.8%
USD/JPY        161.63   ▲ +0.7%

================================================================
Generated 2026-06-27 06:06 EDT.
Sources: 24 security feeds; 9 Pittsburgh feeds; 4 Pittsburgh arts and events feeds; 6 Pittsburgh sports beat and podcast feeds; 4 Team USA feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport. Markets from Yahoo Finance, weather from the NWS, scores from ESPN.
Summaries are AI-generated from the linked reporting; verify at the sources.
================================================================