-
Behind Wall Street firms’ fight over a one-time Portland unicorn
A fight between the troubled company’s largest shareholders is heating up.
-
Bluesky customization tool Graze snags $1M
A pair of Portland tech vets landed investment for their tool that allows consumers to control their content feeds on social media app Bluesky.
-
Portland City Council wants to reject PGE’s Forest Park project
At the end of a hearing that stretched past five hours on Thursday, councilors all weighed in against PGE.
-
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024. “The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by ‘Wang Duo Yu,'” Cisco Talos researchers…
-
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. “Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,” Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.…
-
![[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach](https://encircle-it.com/wp-content/uploads/2025/04/webinar-ai-is-already-inside-your-saas-stack-learn-how-to-prevent-the-next-silent-breach.webp)
[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach
Your employees didn’t mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated a chatbot into Salesforce. No big deal—until it is. If this sounds familiar, you’re not alone. Most security teams are already behind in detecting how…
-
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting the United States. “From 2020 to 2023, the XorDDoS trojan has increased significantly in prevalence,” Cisco Talos researcher Joey Chen said in a Thursday analysis.
-
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-24054 (CVSS score: 6.5), is a Windows New Technology LAN Manager (NTLM) hash disclosure
-
On May 3, City Cast Portland’s 503 Day to end all 503 Days
Full disclosure: I really dig City Cast Portland and I really, really dig 503 Day. I dig it so much that I contributed ever-so-slightly to last year’s 503 Day (not, um, money, mind you, but something tangible that’s easily searchable online). And while it’s my distinct hope that you already know what 503 Day is,…
-
Oregon Legislature 2025: 14 bills you should be watching
Lawmakers are halfway through the 2025 session.
