-
The Pitch: Next Ascent wants to be the pinnacle of climbing apps
The app aims to be like an AllTrails for rock climbing, full of guides for climbs, safety alerts, tips and other information.
-
Executive Insights: Peggy McGuire, Cambia Health Foundation, and Katie McLaughlin, the Ballmer Institute, discuss transformative youth mental health programs (video)
Peggy McGuire, president and board chair of the Cambia Health Foundation, sat down with Katie McLaughlin, executive director of the Ballmer Institute, to discuss her role and the institute’s mission to transform behavioral health care for children and families. The institute focuses on expanding the workforce through innovative training programs, including a unique undergraduate program…
-
Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks
Microsoft on Monday announced a new feature called inline data protection for its enterprise-focused Edge for Business web browser. The native data security control is designed to prevent employees from sharing sensitive company-related data into consumer generative artificial intelligence (GenAI) apps like OpenAI ChatGPT, Google Gemini, and DeepSeek. The list will be expanded over time…
-
VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics
A ransomware-as-a-service (RaaS) operation called VanHelsing has already claimed three victims since it launched on March 7, 2025. “The RaaS model allows a wide range of participants, from experienced hackers to newcomers, to get involved with a $5,000 deposit. Affiliates keep 80% of the ransom payments, while the core operators earn 20%,” Check Point said…
-
Leader Board: 35 new Portland-area executives you should know (Q1 2025)
Welcome to the latest installment of Leader Board, a quarterly feature in which we introduce Business Journal readers to executives who are new to their positions.
-
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined…
-
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions. The vulnerability, tracked as CVE-2025-29927, carries a CVSS score of 9.1 out of 10.0. “Next.js uses an internal header x-middleware-subrequest to prevent recursive requests from triggering infinite loops,” Next.js said in…
-
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope. “The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for…
-
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
The U.S. Treasury Department has announced that it’s removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been accused of aiding the North Korea-linked Lazarus Group to launder their ill-gotten proceeds. “Based on the Administration’s review of the novel legal and policy issues raised by use of financial sanctions against financial and commercial…
-
Portland fast food startup Face Plant wants to dethrone McDonald’s
Portland entrepreneur Matt Plitch’s latest startup, Face Plant, is a fast food concept on a mission to take down McDonald’s by building the most beloved fast food brand in the world.
