-
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on…
-
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source
-
How to use a Chapter 11 subchapter to restructure debts
Sussman Shank’s Garrett Eggen writes that Subchapter V provides small businesses with a previously unavailable means by which they can restructure their debts through the bankruptcy process.
-
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow. The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It’s used to track and retrieve all
-
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as “time” related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 of them.…
-
Inside the Portland Trail Blazers’ first women’s summit
Across three different panels, women from different areas of sport, from athletes to athletic trainers to business leaders and everything in between, spoke on the growth of women’s sports over the last several years, and Portland’s place in that.
-
Urban Gleaners launches guest chef pop-up dinner series
Portland nonprofit Urban Gleaners is launching a new dinner series with local chefs to raise money for its food access work.
-
Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges
A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in August 2024. He is said to have been…
-
Empty boxes: Kohl’s, Macy’s, Joann and other stores shut down around Portland
The Portland area’s retail landscape has been shrinking in 2025, emptying several big box stores around the region.
-
GSMA Confirms End-to-End Encryption for RCS, Enabling Secure Cross-Platform Messaging
The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the Rich Communications Services (RCS) protocol, bringing much-needed security protections to cross-platform messages shared between Android and iOS platforms. To that end, the new GSMA specifications for RCS include E2EE based on the Messaging Layer Security (MLS) protocol
