Ryan Naraine

2 weeks ago | threatbeat.com | Ryan Naraine

By Ryan Naraine • May 24, 2025 When Coinbase said last week that it had refused to pay a $20 million ransom tied to an insider leak, the company estimated the data theft touched “less than one percent” of monthly transacting users. A mandatory filing to the Maine Attorney General now pins the number at 69,461 customers nationwide and dates the breach back to last December.

2 weeks ago | securityweek.com | Ryan Naraine

Signal on Friday shipped a new feature that automatically blocks all screenshots of its chat window, positioning it as a privacy shield aimed at Microsoft’s controversial Windows Recall technology that logs on-screen activity every few seconds for AI search. The new Signal feature sets a “screen security” flag that blocks the Windows OS from capturing screenshots of Signal chats. If a user or the Recall utility tries, the result is a blank frame.

2 weeks ago | securityweek.com | Ryan Naraine

Akamai’s security team kicked off a new spat in the vulnerability disclosure world by publishing full exploitation details for “BadSuccessor,” an unpatched privilege-escalation flaw in Windows Server 2025 that allows attackers to compromise any user in Active Directory.

2 weeks ago | securityweek.com | Ryan Naraine

The US government’s cybersecurity agency CISA is sounding the alarm over what it calls an “elevated threat” from Russia’s military-intelligence hackers, warning that Unit 26165 (APT28/Fancy Bear) is systematically zeroing in on Western logistics and technology companies that move weapons, aid and other supplies into Ukraine.

2 weeks ago | securityweek.com | Ryan Naraine

Microsoft and global law enforcement agencies on Wednesday announced the takedown of “Lumma Stealer” malware operation, seizing 2,300 domains that formed the infostealer’s command-and-control backbone and blocking the dark web markets that offered it for rent.