Ryan Naraine

New York

Editor at Large at SecurityWeek

Publisher at Security Conversations

🎧 Three Buddy Problem: https://t.co/ZGEyqy2h7g. ✍🏼 Writing: @securityweek 🗣️ Conference: @labscon_io

Featured in: Favicon

securityweek.com Favicon

medium.com Favicon

pcmag.com

zdnet.com

csmonitor.com Favicon

eweek.com

internetnews.com

Articles

Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure

2 weeks ago | securityweek.com | Ryan Naraine

Security researchers at Wiz on Monday raised an alarm catching a malicious hacker hijacking misconfigured DevOps infrastructure for cryptocurrency mining in what appears to be the first documented abuse of HashiCorp Nomad servers in the wild.
Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently

2 weeks ago | securityweek.com | Ryan Naraine

Mobile chipmaker Qualcomm on Monday warned that professional hackers are already exploiting three newly patched Adreno GPU bugs and the company is pressing phone makers to push available fixes without delay.
GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability

2 weeks ago | securityweek.com | Ryan Naraine

Threat intelligence firm GreyNoise on Wednesday lifted the lid on a stealth malware campaign that has quietly converted thousands of internet-facing ASUS home and small-office routers into backdoor nodes since at least mid-March.
Czech Government Condemns Chinese Hack on Critical Infrastructure

2 weeks ago | securityweek.com | Ryan Naraine

The Czech government delivered a pointed warning to China on Wednesday, publicly attributing a years-long intrusion in the foreign ministry’s networks to APT31, a cyber-espionage hacking unit linked to Beijing’s Ministry of State Security.
Russian Government Hackers Caught Buying Passwords from Cybercriminals

2 weeks ago | securityweek.com | Ryan Naraine

Microsoft on Tuesday published technical documentation on a new Russia-linked espionage outfit it calls “Void Blizzard,” warning that the group has spent the past year quietly looting e-mail, files and even Teams chats from government and defense contractors across Europe and North America.
Coinbase says rogue contractor data breach affects 69,461 users

3 weeks ago | threatbeat.com | Ryan Naraine

By Ryan Naraine • May 24, 2025 When Coinbase said last week that it had refused to pay a $20 million ransom tied to an insider leak, the company estimated the data theft touched “less than one percent” of monthly transacting users. A mandatory filing to the Maine Attorney General now pins the number at 69,461 customers nationwide and dates the breach back to last December.
Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’

3 weeks ago | securityweek.com | Ryan Naraine

Signal on Friday shipped a new feature that automatically blocks all screenshots of its chat window, positioning it as a privacy shield aimed at Microsoft’s controversial Windows Recall technology that logs on-screen activity every few seconds for AI search. The new Signal feature sets a “screen security” flag that blocks the Windows OS from capturing screenshots of Signal chats. If a user or the Recall utility tries, the result is a blank frame.
Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw

3 weeks ago | securityweek.com | Ryan Naraine

Akamai’s security team kicked off a new spat in the vulnerability disclosure world by publishing full exploitation details for “BadSuccessor,” an unpatched privilege-escalation flaw in Windows Server 2025 that allows attackers to compromise any user in Active Directory.
CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine

3 weeks ago | securityweek.com | Ryan Naraine

The US government’s cybersecurity agency CISA is sounding the alarm over what it calls an “elevated threat” from Russia’s military-intelligence hackers, warning that Unit 26165 (APT28/Fancy Bear) is systematically zeroing in on Western logistics and technology companies that move weapons, aid and other supplies into Ukraine.
Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation

3 weeks ago | securityweek.com | Ryan Naraine

Microsoft and global law enforcement agencies on Wednesday announced the takedown of “Lumma Stealer” malware operation, seizing 2,300 domains that formed the infostealer’s command-and-control backbone and blocking the dark web markets that offered it for rent.

Contact details

Emails

[email protected]

Socials & Sites

Try JournoFinder For Free

Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.

Start Your 7-Day Free Trial →

Coverage map

X (formerly Twitter)

Followers: 27K
Tweets: 31K
DMs Open: No

Ryan Naraine @ryanaraine

9 Jun 25

RT @sergeybratus: Papers and slides from the 11th LangSec IEEE Security & Privacy workshop are now posted on the LangSec website: https://t…

Ryan Naraine @ryanaraine

9 Jun 25

A stray artifact in a TLS certificate led security researchers to an unnerving discovery: hundreds of control-room dashboards for US water utilities were sitting a click away from the public internet, and dozens of them offered full, no-password control over pumps, valves and

Ryan Naraine @ryanaraine

8 Jun 25

Fun pod with ⁦@mikko⁩ and ⁦@craiu⁩ https://t.co/59unta7fTE

Ryan Naraine

Articles

Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure

Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability

Czech Government Condemns Chinese Hack on Critical Infrastructure

Russian Government Hackers Caught Buying Passwords from Cybercriminals

Coinbase says rogue contractor data breach affects 69,461 users

Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’

Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw

CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation

Contact details

Emails

Socials & Sites

Coverage map

X (formerly Twitter)