banner
LightNews
zackwhittaker.com
Zack Whittaker
@zackwhittaker.com
15K followers 240 following 490 posts
Security editor, TechCrunch Signal: zackwhittaker.1337 My stories: techcrunch.com/author/zack-whittaker My weekly cyber newsletter: this.weekinsecurity.com
Posts Media Videos Starter Packs
zackwhittaker.com
Zack Whittaker @zackwhittaker.com · 8h
Toby wishes everyone a peaceful evening.
a photo of my tabby cat Toby, asleep on a green cushion, with his feet curled up so that you can see his cute little toe beans.
27
Reposted by Zack Whittaker
joetidy.bsky.social
Joe Tidy BBC News @joetidy.bsky.social · 15h
M&S, The Co-op, Harrods, JLR, TfL, Kido nurseries. Teen hackers are being blamed for carrying out the biggest recent cyber attacks. In fact 7 British boys have been arrested so far this year for these hacks. People keep asking me what is going on and I keep paraphrasing this passage from my book:
2 3 14
Reposted by Zack Whittaker
infosecsherpa.bsky.social
InfoSecSherpa @infosecsherpa.bsky.social · 13h
TL;DR - A September 26 battery fire at South Korea's National Information Resources Service data center in Daejeon may have caused the permanent loss of 858 TB of unbacked-up government data, severely disrupting government services.
www.datacenterdynamics.com/en/news/858t...
858TB of government data may be lost for good after South Korea data center fire
Destroyed drive wasn't backed up, officials say
www.datacenterdynamics.com
3 11
zackwhittaker.com
Zack Whittaker @zackwhittaker.com · 17h
Plus in this week's newsletter: ICE bought phone-snooping tech in vans; ChatGPT can still be tricked into spitting over nuke instructions; spyware maker NSO Group is now American-owned, and more from the week in cyber. Also: good news in the happy corner.

Sign up/RSS/subscribe today:
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
3
zackwhittaker.com
Zack Whittaker @zackwhittaker.com · 17h
And here's this week's edition of this.weekinsecurity.com, featuring stories on Clop and ShinyHunters extorting dozens of companies; India exposed citizens' tax data; DHS reassigning CISA staff to assist ICE deportations; Microsoft warns of payroll pirates, and more. Plus: a brand-new cyber cat!
this week in security — october 12 2025 edition
Clop and ShinyHunters are extorting dozens of organizations, DHS reassigns CISA cyber staff to assist deportations, India exposed taxpayers' data, and more.
this.weekinsecurity.com
1 3 6
Reposted by Zack Whittaker
wired.com
WIRED @wired.com · 1d
Plus: US government cybersecurity staffers get reassigned to do immigration work, a hack exposes sensitive age-verification data of Discord users, and more. www.wired.com/story/happy-...
'Happy Gilmore' Producer Buys Spyware Maker NSO Group
Plus: US government cybersecurity staffers get reassigned to do immigration work, a hack exposes sensitive age-verification data of Discord users, and more.
www.wired.com
4 44 97
Reposted by Zack Whittaker
margarita.bsky.social
Margarita @margarita.bsky.social · 2d
Journalist Debbie Brockman: "Let them know"

www.chicagotribune.com/2025/10/10/w...
WGN-TV producer detained during ICE enforcement action in Lincoln Square
A WGN-TV video editor and producer was roughly detained by two Border Patrol agents on Friday morning during a highly visible rush hour enforcement action in Lincoln Square.
www.chicagotribune.com
14 33
zackwhittaker.com
Zack Whittaker @zackwhittaker.com · 2d
My weekly cybersecurity newsletter this.weekinsecurity.com goes out Sundays, and includes:

🗞️ all the cyber news you need to know
🐈 a reader-submitted cyber-cat
😁 the happy corner of good news
🐈‍⬛ did I mention cats?
👀 no email open/link trackers
😻 cats! (OK, sometimes dogs too! 🐶)

Sign up/RSS:
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
3 8
Reposted by Zack Whittaker
marisakabas.bsky.social
Marisa Kabas @marisakabas.bsky.social · 2d
EXCLUSIVE — DHS Acting General Counsel sent out a memo Wednesday to all Federal Protective Service staff (the sub-agency that guards federal buildings) letting officers know they could take any action necessary "in the vicinity" federal property to protect themselves.

The Handbasket reports:
DHS top lawyer says 'no legal barrier' to actions officers can take to defend federal property
In a memo obtained exclusively by The Handbasket, Federal Protective Service (FPS) officers were given free rein.
www.thehandbasket.co
67 680 1.4K
Reposted by Zack Whittaker
kevincollier.bsky.social
Kevin Collier @kevincollier.bsky.social · 2d
New: We jailbroke four versions of ChatGPT to get instructions on how to create viruses and chemical weapons.

The instructions were all flawed, and the it didn't work on GPT-5. But 4 of the 5 big AI companies have internally found their top models are close to being able to tutor bioterrorists.
ChatGPT safety systems can be bypassed to get weapons instructions
NBC News found that OpenAI’s models repeatedly provided answers on making chemical and biological weapons.
www.nbcnews.com
7 64 110
Reposted by Zack Whittaker
techcrunch.com
TechCrunch @techcrunch.com · 2d
Staffers at U.S. cybersecurity agency CISA have been reassigned to ICE and CBP as part of the Trump administration’s crackdown on immigration.
Homeland Security reassigns 'hundreds' of CISA cyber staffers to support Trump's deportation crackdown | TechCrunch
Staffers at U.S. cybersecurity agency CISA have been reassigned to ICE and CBP as part of the Trump administration’s crackdown on immigration.
techcrunch.com
6 19 23
Reposted by Zack Whittaker
lorenzofb.bsky.social
Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 2d
SCOOP: Spyware maker NSO Group confirmed to us that the company has been acquired by a U.S. investment group.

NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.
Spyware maker NSO Group confirms acquisition by US investors | TechCrunch
NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker.
techcrunch.com
5 140 170
Reposted by Zack Whittaker
carlypage.bsky.social
Carly Page @carlypage.bsky.social · 2d
Cops have seized the latest incarnation of Breach Forums, which had become the public-facing leak shop for Scattered Lapsus$ Hunters' latest extortion campaign.

The group claims the takedown has "no impact" on its planned leak of ~1 billion Salesforce records www.theregister.com/2025/10/10/c...
Cops seize Scattered Lapsus$ Hunters' BreachForums domain
: US and French fuzz pull the plug on Scattered Lapsus$ Hunters' latest leak shop targeting Salesforce
www.theregister.com
3 4
Reposted by Zack Whittaker
josephcox.bsky.social
Joseph Cox @josephcox.bsky.social · 3d
They're animating the law enforcement seizure notices now. This was just uploaded to the Scattered LAPSUS$ Hunters site that was threatening to dump Salesforce customer data. The dark web version remains online.
10 13 92
Reposted by Zack Whittaker
couts.bsky.social
Andrew Couts @couts.bsky.social · 3d
NEW: The developers whose ICE-related apps were removed from the Apple App Store say they're preparing to fight back. @thiccreese.bsky.social and @lhn.bsky.social report: www.wired.com/story/apple-...
Apple Took Down ICE-Tracking Apps. Their Developers Aren't Giving Up
“We are going to do everything in our power to fight this,” says ICEBlock developer Joshua Aaron after Apple removed his app from the App Store.
www.wired.com
7 60 200
Reposted by Zack Whittaker
lorenzofb.bsky.social
Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 3d
NEW: A prominent Italian businessman was reportedly targeted with Paragon spyware, widening the surveillance scandal in Italy, according to local news reports.

techcrunch.com/2025/10/09/i...
Italian businessman's phone reportedly targeted with Paragon spyware | TechCrunch
The alleged targeting of prominent Italian businessman Francesco Gaetano Caltagirone now widens the Paragon spyware scandal in Italy to victims beyond journalists and activists.
techcrunch.com
1 6 7
Reposted by Zack Whittaker
404media.co
404 Media @404media.co · 3d
BREAKING: A catastrophic breach has impacted Discord user data including selfies and identity documents uploaded as part of the app’s verification process, email addresses, phone numbers, approximately where the user lives, and much more.

🔗 www.404media.co/the-discord-...
The Discord Hack is Every Users’ Worst Nightmare
A hack impacting Discord’s age verification process shows in stark terms the risk of tech companies collecting users’ ID documents. Now the hackers are posting peoples’ IDs and other sensitive informa...
www.404media.co
87 1.6K 2.5K
Reposted by Zack Whittaker
troyhunt.com
Troy Hunt @troyhunt.com · 4d
As the clock counts down to the deadline the Qantas hackers have threatened to publish their data on, how much will the court injunction actually help the breach victims (which includes me)? www.troyhunt.com/court-injunc...
Court Injunctions are the Thoughts and Prayers of Data Breach Response
You see it all the time after a tragedy occurs somewhere, and people flock to offer their sympathies via the "thoughts and prayers" line. Sympathy is great, and we should all express that sentiment…
www.troyhunt.com
2 9 23
zackwhittaker.com
Zack Whittaker @zackwhittaker.com · 4d
cat-in-the-middle attack
3
Reposted by Zack Whittaker
lorenzofb.bsky.social
Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 4d
Here's an updated list of all the technology ICE has in its arsenal to mass deport people.

We've added new sections on cell-site simulators and cellphone location data.

techcrunch.com/2025/10/08/h...
Here's the tech powering ICE's deportation crackdown  | TechCrunch
From phone spyware and facial recognition to phone unlocking technology and databases and more, this tech powers Trump's deportation machine.
techcrunch.com
2 23 30
zackwhittaker.com
Zack Whittaker @zackwhittaker.com · 4d
Exactly. Advanced persistent teenagers are one of the loudest and most disruptive threats today.
metacurity.com
Cynthia Brumfield @metacurity.com · 4d
Forget about nation-states for a moment: The top four items in today's Metacurity all deal with serious cybersecurity threats emanating from teen hackers.

Don't miss today's issue for the complete run-down of infosec developments you should know, including 1/5
www.metacurity.com/shinyhunters...
ShinyHunters threatens to release data stolen from dozens of Fortune 500 firms
Salesforce refuses to pay ShinyHunters ransom, Qantas braces for the release of its data, Two teens busted for Kido nurseries cyberattack, Qilin claims attack on Asahi, Chinese hackers infiltrated Wil...
www.metacurity.com
10
Reposted by Zack Whittaker
fredericl.bsky.social
Frederic Lardinois @fredericl.bsky.social · 4d
Got a tip last night that GitHub is moving all of its infra over to Azure. Ideally within the next year. It's such a priority for the company, with its own data center resource-constrained, that it will delay feature development to get that done ASAP. thenewstack.io/github-will-...
GitHub Will Prioritize Migrating to Azure Over Feature Development
GitHub is working on migrating all of its infrastructure to Azure, even though this means it'll have to delay some feature development.
thenewstack.io
1 4 10
Reposted by Zack Whittaker
edzitron.com
Ed Zitron @edzitron.com · 4d
Kind of pissed off now because I’ve now seen at least four different pieces that are just this but reworded lol but oh well if you want to know stuff early sign up for my premium
edzitron.com
Ed Zitron @edzitron.com · 16d
Premium newsletter: Based on my estimates and analysis, OpenAI needs one trillion dollars in the next four years to build 17GW of data centers and other commitments, with at least $500 billion needed for company operations. There is not enough capital to do this.

www.wheresyoured.at/openai-onetr...
OpenAI Needs A Trillion Dollars In The Next Four Years
Shortly before publishing this newsletter, I spoke with analyst Gil Luria, Managing Director and Analyst at D.A. Davidson, and asked him whether the capital was there to build the 17 Gigawatts of capa...
www.wheresyoured.at
9 45 450
Reposted by Zack Whittaker
metacurity.com
Cynthia Brumfield @metacurity.com · 5d
www.bloomberg.com/news/article...
Salesforce Tells Clients It Won’t Pay Hackers for Data Extortion
Salesforce Inc. told customers Tuesday that it won’t pay a ransom demand from a hacker who claimed to have stolen a large amount of client data and threatened to publish it, according to an email seen...
www.bloomberg.com
1 2
zackwhittaker.com
Zack Whittaker @zackwhittaker.com · 5d
Scoop, by @lorenzofb.bsky.social: A federal contract shows ICE spent $825,000 on vans equipped with fake cellphone towers known as cell-site simulators, which can be used to spy on nearby phones.
ICE bought vehicles equipped with fake cell towers to spy on phones  | TechCrunch
The federal contract shows ICE spent $825,000 on vans equipped with “cell-site simulators” which allow the real-world location tracking of nearby phones and their owners.
techcrunch.com
14 210 290