-
Two Central City Portland office buildings set to be converted to housing units
The strategy has been widely discussed as a solution to filling empty buildings but brings several cost and regulatory challenges.
-
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the below versions – Apache Tomcat 11.0.0-M1 to 11.0.2 Apache Tomcat 10.1.0-M1 to 10.1.34 Apache Tomcat 9.0.0-M1 to…
-
Vacasa settles on a buyer after rebuffing competing acquisition offer
Vacasa will go ahead with an acquisition by Casago after rejecting a competing offer by hedge fund Davidson Kempner Capital Management.
-
Thought leader roundtable: Secrets of the 2025 Women of Influence (video)
In a special Secrets of the Women of Influence virtual roundtable, the Portland Business Journal convened honorees from the 2025 Women of Influence Awards to discuss insights and secrets to their success with Portland Business Journal Publisher and Market President Candace Beeke. Panelists: Anne Donovan, president, Xenium HR Sarah Pope, executive director, Stand for Children-Oregon…
-
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on…
-
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source
-
How to use a Chapter 11 subchapter to restructure debts
Sussman Shank’s Garrett Eggen writes that Subchapter V provides small businesses with a previously unavailable means by which they can restructure their debts through the bankruptcy process.
-
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow. The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It’s used to track and retrieve all
-
10 Steps to Prevent a Data Breach
Data breaches can harm your business. They can cost you money and trust. Let’s look at how to stop them from happening. What is a data breach? A data breach is when someone steals information. This can be names, emails, or credit card numbers. It’s bad for your customers and your business. Why should you…
-
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as “time” related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 of them.…
