-
New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. “If executed at scale, this attack could be used to gain access to thousands of accounts,” Datadog…
-
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers. The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an open-source repository hosted on GitHub that’s associated with…
-
CEO out at Portland metro battery energy storage company
The move comes two months after ESS, after another weak quarterly earnings report, gave formal notice that its ability to sustain operations over the next 12 months was in “substantial doubt.”
-
AI-Powered Social Engineering: Ancillary Tools and Techniques
Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: ‘As technology continues to evolve, so do cybercriminals’ tactics.’ This article explores some of the impacts of this GenAI-fueled acceleration.…
-
The green building boom leads energy efficiency in the Pacific Northwest
The Pacific Northwest is setting the standard for energy conservation, spearheading the push toward a sustainable future through innovative green building infrastructure. With a powerful blend of forward-thinking eco-policies and the expertise of skilled electrical professionals, the region is not only reducing its carbon footprint but also shaping the future of energy-efficient construction. In 2013,…
-
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7. The vulnerability, tracked as CVE-2025-1094 (CVSS score: 8.1), affects the PostgreSQL interactive tool psql.…
-
Damian Lillard launches Portland State scholarship program for Bay Area high schoolers
A popular former Portland Trail Blazer has launched a scholarship program that could support 10 students should they attend Portland State University next fall. Damian Lillard and PSU revealed the Damian Lillard Scholars program, which will back Oakland-area students who enroll at the Portland college. Lillard, the Blazers all-time leading scorer who was named one…
-
Bob’s Red Mill cafe and store was a space for community
Bob’s Red Mill cafe and store holds a special place in Milwaukie and locals’ hearts.
-
Smoke-damaged wine has its fans, study finds
Oregon State University and New Zealand researchers see new market opportunity for wineries dealing with smoke-damaged grapes and wines.
-
Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners
A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud. “The attacker targets victims searching for documents on search engines, resulting in access to malicious PDF that contains a CAPTCHA image embedded with a…
