-
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization data between parties, enabling features like single sign-on (SSO), which allows
-
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the attack surface for emerging cyberthreats. While the need for a strong data protection strategy has…
-
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk
Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution…
-
Editor’s Notebook: Meyer makes a stand in the place where it lives
The group’s leader said she felt compelled to put the group’s money toward nonprofits affected by myriad recent setbacks.
-
Anti-Elon Musk sentiment roils EV group’s Tesla meeting plan
Some members of Oregon EV Association, a two-decade-old EV enthusiast nonprofit, raise objections to meeting at Tesla Tigard.
-
PNC commits to downtown Portland with move to Fox Tower
PNC has held a physical presence in Portland since 2020 but has operated in the market for years prior.
-
Portland Trail Blazers hire San Antonio Spurs SVP as new CFO
The Portland Trail Blazers have hired an NBA front office vet to replace one of its longest-tenured executives.
-
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. “The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script…
-
Powin returns fire in fight with Chinese battery giant
Powin brushes aside charges of financial distress, says supplier CATL is trying to edge in on its business.
-
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack
Threat intelligence firm GreyNoise is warning of a “coordinated surge” in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms. “At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts,” the company said, adding it observed the activity on March 9, 2025. The countries…
