-
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. “The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a…
-
Have We Reached a Distroless Tipping Point?
There’s a virtuous cycle in technology that pushes the boundaries of what’s being built and how it’s being used. A new technology development emerges and captures the world’s attention. People start experimenting and discover novel applications, use cases, and approaches to maximize the innovation’s potential. These use cases generate significant value, fueling demand for the…
-
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems. “A stack-based buffer overflow in…
-
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data. The campaign, the agency said, involved the use of compromised email accounts to send phishing messages containing links…
-
Intel HR VP takes job with Caterpillar
Intel Vice President and Chief People Officer Christy Pambianchi is leaving the company for machinery manufacturer Caterpillar.
-
Colorful footwear brand closes downtown Portland location
Quirky Canadian shoe brand John Fluevog company closed its downtown Portland storefront last weekend after 14 years in the space.
-
Oregon stocks, like every state’s, take an absolute beating after ‘liberation’
The tariffs, spread way deeper than most had expected, did no favors for the nation’s public companies.
-
Oregon Supreme Court reverses lower court decision in Tillamook marketing lawsuit
The Oregon Supreme Court on Thursday unanimously reversed a lower court decision to dismiss part of a deceptive marketing lawsuit against Tillamook.
-
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection,” Microsoft said in a report shared…
-
City of Bingen seeks volunteers for For/Against Committee
BINGEN — The City of Bingen will appoint no more than three volunteers to serve on a For/Against Committee for a ballot measure planned for the Aug. 5, 2025, Klickitat County election.
