Zack Whittaker
@zackwhittaker.com
Security editor, TechCrunch
Signal: zackwhittaker.1337
My stories: techcrunch.com/author/zack-whittaker
My newsletter/blog: this.weekinsecurity.com
Signal: zackwhittaker.1337
My stories: techcrunch.com/author/zack-whittaker
My newsletter/blog: this.weekinsecurity.com
Daily Beast reports that a DHS whistleblower has leaked the personal details of around 4,500 ICE and Border Patrol employees. The data is said to include about 1,800 on-the-ground agents and 150 supervisors.
Personal Details of Thousands of Border Patrol and ICE Goons Allegedly Leaked in Huge Data Breach
A DHS whistleblower appears to have exposed data on federal immigration workers after the shooting of Renee Good.
www.thedailybeast.com
January 13, 2026 at 10:22 PM
Daily Beast reports that a DHS whistleblower has leaked the personal details of around 4,500 ICE and Border Patrol employees. The data is said to include about 1,800 on-the-ground agents and 150 supervisors.
Reposted by Zack Whittaker
NEW: 24-year-old Nicholas Moore will plead guilty to hacking the U.S. Supreme Court electronic filing system in 2023.
There aren't a lot of public details about this case for now. It will be interesting to find out what he accessed or stole.
techcrunch.com/2026/01/13/m...
There aren't a lot of public details about this case for now. It will be interesting to find out what he accessed or stole.
techcrunch.com/2026/01/13/m...
Man to plead guilty to hacking US Supreme Court filing system | TechCrunch
A 24-year-old from Tennessee is expected to admit to accessing the Supreme Court’s electronic filing system without authorization dozens of times throughout 2023.
techcrunch.com
January 13, 2026 at 7:06 PM
NEW: 24-year-old Nicholas Moore will plead guilty to hacking the U.S. Supreme Court electronic filing system in 2023.
There aren't a lot of public details about this case for now. It will be interesting to find out what he accessed or stole.
techcrunch.com/2026/01/13/m...
There aren't a lot of public details about this case for now. It will be interesting to find out what he accessed or stole.
techcrunch.com/2026/01/13/m...
Reposted by Zack Whittaker
New from @francescadnunz.bsky.social: Civil liberties experts are raising the alarm about "Tangles," a law-enforcement surveillance software that allows police to bypass judicial oversight by spying on smartphone users without a warrant.
Texas Police Invested Millions in a Shadowy Phone-Tracking Software. They Won’t Say How They’ve Used It.
One sheriff who leads an anti-smuggling task force says the software helps “develop leads to eventually obtain probable cause.” Civil liberties experts say its use violates constitutional rights.
www.texasobserver.org
January 13, 2026 at 3:22 PM
New from @francescadnunz.bsky.social: Civil liberties experts are raising the alarm about "Tangles," a law-enforcement surveillance software that allows police to bypass judicial oversight by spying on smartphone users without a warrant.
Reposted by Zack Whittaker
Excellent instructional video pass it on
January 13, 2026 at 4:09 AM
Excellent instructional video pass it on
Reposted by Zack Whittaker
NEW: We break down how to prepare yourself for the day ICE shows up in your area. @lhn.bsky.social, @regret.bsky.social, and @mattburgess1.bsky.social report. No paywall. www.wired.com/story/what-t...
What to Do If ICE Invades Your Neighborhood
With federal agents storming the streets of American communities, there's no single right way to approach this dangerous moment. But there are steps you can take to stay safe—and have an impact.
www.wired.com
January 13, 2026 at 12:19 PM
NEW: We break down how to prepare yourself for the day ICE shows up in your area. @lhn.bsky.social, @regret.bsky.social, and @mattburgess1.bsky.social report. No paywall. www.wired.com/story/what-t...
Reposted by Zack Whittaker
ICE agents are, simply put, fucking clowns. Some observations from four days on the ground in Minneapolis.
www.garbageday.email/p/we-re-all-...
www.garbageday.email/p/we-re-all-...
January 12, 2026 at 7:53 PM
ICE agents are, simply put, fucking clowns. Some observations from four days on the ground in Minneapolis.
www.garbageday.email/p/we-re-all-...
www.garbageday.email/p/we-re-all-...
Reposted by Zack Whittaker
I have an op-ed in the NYT today about the Grok scandal, sharing my research from last year finding that legal risk hinders AI companies from making their models safer against CSAM - an echo of the years where white-hat hackers were chilled from good-faith research. www.nytimes.com/2026/01/12/o...
Opinion | There’s One Easy Solution to the A.I. Porn Problem
www.nytimes.com
January 12, 2026 at 4:34 PM
I have an op-ed in the NYT today about the Grok scandal, sharing my research from last year finding that legal risk hinders AI companies from making their models safer against CSAM - an echo of the years where white-hat hackers were chilled from good-faith research. www.nytimes.com/2026/01/12/o...
Reposted by Zack Whittaker
ClickFix attacks are increasingly devious, dangerous, and can hack you in an instant
via @zackwhittaker.com
via @zackwhittaker.com
ClickFix attacks are increasingly devious, dangerous, and can hack you in an instant
These attacks spoof Windows errors, CAPTCHAs, and real login pages to trick victims into hacking themselves with malware that skirts common cyber defenses.
this.weekinsecurity.com
January 13, 2026 at 3:43 AM
ClickFix attacks are increasingly devious, dangerous, and can hack you in an instant
via @zackwhittaker.com
via @zackwhittaker.com
Reposted by Zack Whittaker
AOC: I want everybody to understand that the cuts to your health care are what’s paying for this. You get screwed over to pay a bunch of thugs in the street that are shooting mothers in the face.
January 13, 2026 at 1:20 AM
AOC: I want everybody to understand that the cuts to your health care are what’s paying for this. You get screwed over to pay a bunch of thugs in the street that are shooting mothers in the face.
Reposted by Zack Whittaker
This always works.
January 12, 2026 at 8:09 PM
This always works.
Betterment was hacked and users' personal data compromised, but you might not know it because the company hid its data breach notice with a "noindex" tag in its web page source code. This tells search engines to ignore the page so people won't see it in search results. techcrunch.com/2026/01/12/f...
January 12, 2026 at 6:24 PM
Betterment was hacked and users' personal data compromised, but you might not know it because the company hid its data breach notice with a "noindex" tag in its web page source code. This tells search engines to ignore the page so people won't see it in search results. techcrunch.com/2026/01/12/f...
Reposted by Zack Whittaker
NEW: Betterment said hackers gained access to some customers' "names, email addresses and postal addresses, phone numbers, and dates of birth," and then used that info to send a crypto-related phishing attack.
The hackers reportedly made a few thousand dollars.
The hackers reportedly made a few thousand dollars.
Fintech firm Betterment confirms data breach after hackers send fake crypto scam notification to users | TechCrunch
Hackers gained access to some Betterment customers’ personal information through a social engineering attack, then targeted some of them with a crypto-related phishing message.
techcrunch.com
January 12, 2026 at 6:17 PM
NEW: Betterment said hackers gained access to some customers' "names, email addresses and postal addresses, phone numbers, and dates of birth," and then used that info to send a crypto-related phishing attack.
The hackers reportedly made a few thousand dollars.
The hackers reportedly made a few thousand dollars.
My latest edition of this.weekinsecurity.com, your weekly digest of all the most important cybersecurity news, is out. Featuring: US spyware founder pleads guilty; New Zealand health data breach; ICE use data tools to snoop on phones; hackers sending ragebait emails, and more. Plus, a new cybercat.🐈⬛
this week in security — january 11 2026 edition
pcTattletale founder guilty, hackers breach New Zealanders' health data, Iran cuts off internet amid protests, Instagram data leak, Flock security lapse, and more.
this.weekinsecurity.com
January 12, 2026 at 12:05 AM
My latest edition of this.weekinsecurity.com, your weekly digest of all the most important cybersecurity news, is out. Featuring: US spyware founder pleads guilty; New Zealand health data breach; ICE use data tools to snoop on phones; hackers sending ragebait emails, and more. Plus, a new cybercat.🐈⬛
Reposted by Zack Whittaker
Hey I wrote a long thing about taking control of what you read. If you want to read it, it's at shostack.org/blog/take-co...
I don't feel like spending time writing a 300 character summary of it.
I don't feel like spending time writing a 300 character summary of it.
Shostack + Friends Blog > Take Control of What you Read, Redux
In 2026, it’s more important than ever to take control of what you read
shostack.org
January 11, 2026 at 5:56 PM
Hey I wrote a long thing about taking control of what you read. If you want to read it, it's at shostack.org/blog/take-co...
I don't feel like spending time writing a 300 character summary of it.
I don't feel like spending time writing a 300 character summary of it.
this.weekinsecurity.com is my weekly newsletter (and blog) that includes all the cyber news you need to know from the week, good news you might've missed, and much more. Plus, a reader-submitted cyber cat every edition.
No email open/link tracking! Out Sundays.
Sign up/RSS for today's edition:
No email open/link tracking! Out Sundays.
Sign up/RSS for today's edition:
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
January 11, 2026 at 4:53 PM
this.weekinsecurity.com is my weekly newsletter (and blog) that includes all the cyber news you need to know from the week, good news you might've missed, and much more. Plus, a reader-submitted cyber cat every edition.
No email open/link tracking! Out Sundays.
Sign up/RSS for today's edition:
No email open/link tracking! Out Sundays.
Sign up/RSS for today's edition:
By me at this.weekinsecurity.com: ClickFix attacks are on the rise. By spoofing Windows crashes, CAPTCHAS, and Apple logins, all try to trick you into pasting malicious code into your computer.
In this blog, I explain how ClickFix attacks work, what to look for (with pictures!), & how to stay safe.
In this blog, I explain how ClickFix attacks work, what to look for (with pictures!), & how to stay safe.
ClickFix attacks are increasingly devious, dangerous, and can hack you in an instant
These attacks spoof Windows errors, CAPTCHAs, and real login pages to trick victims into hacking themselves with malware that skirts common cyber defenses.
this.weekinsecurity.com
January 9, 2026 at 1:55 PM
By me at this.weekinsecurity.com: ClickFix attacks are on the rise. By spoofing Windows crashes, CAPTCHAS, and Apple logins, all try to trick you into pasting malicious code into your computer.
In this blog, I explain how ClickFix attacks work, what to look for (with pictures!), & how to stay safe.
In this blog, I explain how ClickFix attacks work, what to look for (with pictures!), & how to stay safe.
I very much appreciated this essay by @sarahjeong.bsky.social this morning. It's a reminder that reality and truth still matters, even in the face of blatant and brazen lies.
People are fighting for the truth in Minneapolis
Ordinary civilians aren’t playing along with Trump
www.theverge.com
January 9, 2026 at 1:32 PM
I very much appreciated this essay by @sarahjeong.bsky.social this morning. It's a reminder that reality and truth still matters, even in the face of blatant and brazen lies.
Reposted by Zack Whittaker
The evidence is increasingly pointing to the probability that an ICE agent killed a woman after misreading her as a threat because he was distracted by his simultaneous effort to record her so he could upload her image to a facial recognition database.
We've analysed this video of the shooting of Renee Nicole Good yesterday in Minneapolis frame-by-frame to highlight the positioning of the gun and phone in the ICE agent's hands.
Video: @minnesotareformer.com with annotations by Bellingcat
Video: @minnesotareformer.com with annotations by Bellingcat
January 9, 2026 at 1:19 PM
The evidence is increasingly pointing to the probability that an ICE agent killed a woman after misreading her as a threat because he was distracted by his simultaneous effort to record her so he could upload her image to a facial recognition database.
Struggling to get my head around the utter fecklessness and spinelessness of world leaders' inability to stand up to Trump, Musk, Big Tech, or frankly anyone of ostensible power.
Keir Starmer's spokesman says X limiting deep fake images to paid users "simply turns a feature that allows the creation of unlawful images into a premium service. It's not a solution.. it's insulting the victims of misogyny and sexual violence."
Still won't commit to a ban or to stop posting there
Still won't commit to a ban or to stop posting there
January 9, 2026 at 1:19 PM
Struggling to get my head around the utter fecklessness and spinelessness of world leaders' inability to stand up to Trump, Musk, Big Tech, or frankly anyone of ostensible power.
Big fan of courtwatch.news.
The first two ¶¶s of @seamushughes.bsky.social's Courtwatch today.
www.courtwatch.news/p/158-the-ex...
www.courtwatch.news/p/158-the-ex...
January 9, 2026 at 1:07 PM
Big fan of courtwatch.news.
ClickFix attacks are on the rise, increasingly dangerous and devious, and can get you hacked in a flash.
In this long-read for this.weekinsecurity.com, I explain what you should know about how ClickFix hacks work (+ examples!), why they're so dangerous, and what you can do to avoid these attacks.
In this long-read for this.weekinsecurity.com, I explain what you should know about how ClickFix hacks work (+ examples!), why they're so dangerous, and what you can do to avoid these attacks.
ClickFix attacks are increasingly devious, dangerous, and can get you hacked in an instant
These attacks spoof Windows errors, CAPTCHAs, and real login pages to trick victims into hacking themselves with malware that skirts common cyber defenses.
this.weekinsecurity.com
January 8, 2026 at 11:05 PM
ClickFix attacks are on the rise, increasingly dangerous and devious, and can get you hacked in a flash.
In this long-read for this.weekinsecurity.com, I explain what you should know about how ClickFix hacks work (+ examples!), why they're so dangerous, and what you can do to avoid these attacks.
In this long-read for this.weekinsecurity.com, I explain what you should know about how ClickFix hacks work (+ examples!), why they're so dangerous, and what you can do to avoid these attacks.
Reposted by Zack Whittaker
Apple and Google have previously removed apps providing nudify services from their app stores.
So why havent they taken action against X and Grok?
@carolinehaskins.bsky.social reports
So why havent they taken action against X and Grok?
@carolinehaskins.bsky.social reports
Why Are Grok and X Still Available in App Stores?
Elon Musk’s chatbot has been used to generate thousands of sexualized images of adults and apparent minors. Apple and Google have removed other “nudify” apps—but continue to host X and Grok.
www.wired.com
January 8, 2026 at 8:38 PM
Apple and Google have previously removed apps providing nudify services from their app stores.
So why havent they taken action against X and Grok?
@carolinehaskins.bsky.social reports
So why havent they taken action against X and Grok?
@carolinehaskins.bsky.social reports
Reposted by Zack Whittaker
NEW: NSO Group has released a transparency report that is even less transparent than its own previous transparency reports, as it contains no data or information on customers at all.
Experts say the report is just an attempt to appease and push the U.S. government to be removed from a blocklist.
Experts say the report is just an attempt to appease and push the U.S. government to be removed from a blocklist.
Critics pan spyware maker NSO's transparency claims amid its push to enter US market | TechCrunch
The infamous spyware maker released a new transparency report claiming to be a responsible spyware maker, without providing insight into how the company dealt with problematic customers in the past.
techcrunch.com
January 8, 2026 at 7:17 PM
NEW: NSO Group has released a transparency report that is even less transparent than its own previous transparency reports, as it contains no data or information on customers at all.
Experts say the report is just an attempt to appease and push the U.S. government to be removed from a blocklist.
Experts say the report is just an attempt to appease and push the U.S. government to be removed from a blocklist.
Reposted by Zack Whittaker
For those keeping score, Bellingcat, The New York Times Visual Investigation Team, & Washington Post's Visual Forensic team have all published analysis showing the ICE shooter wasn't in the path of Renee Nicole Good’s vehicle when he shot her, contradicting statements by the President & his cronies
January 8, 2026 at 3:35 PM
For those keeping score, Bellingcat, The New York Times Visual Investigation Team, & Washington Post's Visual Forensic team have all published analysis showing the ICE shooter wasn't in the path of Renee Nicole Good’s vehicle when he shot her, contradicting statements by the President & his cronies
Reposted by Zack Whittaker
NEW: The internet in Iran is nearly completely shut down, according to internet monitoring firms.
The blackout comes in the midst of countrywide protests that have lasted for days after spikes in prices and shortages of basic goods. The govenrment has responded with a violent crackdown.
The blackout comes in the midst of countrywide protests that have lasted for days after spikes in prices and shortages of basic goods. The govenrment has responded with a violent crackdown.
Internet collapses in Iran amid protests over economic crisis | TechCrunch
Internet monitoring firms and experts say Iran’s internet has almost completely shut down, as protests spread through major cities.
techcrunch.com
January 8, 2026 at 6:36 PM
NEW: The internet in Iran is nearly completely shut down, according to internet monitoring firms.
The blackout comes in the midst of countrywide protests that have lasted for days after spikes in prices and shortages of basic goods. The govenrment has responded with a violent crackdown.
The blackout comes in the midst of countrywide protests that have lasted for days after spikes in prices and shortages of basic goods. The govenrment has responded with a violent crackdown.