Zack Whittaker
zackwhittaker.com
@zackwhittaker.com
Security editor, TechCrunch
Signal: zackwhittaker.1337
My stories: techcrunch.com/author/zack-whittaker
My newsletter/blog: this.weekinsecurity.com
We used to think of gov't spyware targeting only a select few, like terrorists and organized criminals.

But over years, spyware has hacked the phones of journalists, activists, lawyers, politicians, and seemingly regular people — and the pool of victims targeted by govts is quite wide.

Here's why.
Why a lot of people are getting hacked with government spyware | TechCrunch
Government surveillance vendors want us to believe their spyware products are only used in limited and targeted operations against terrorists and serious criminals. That claim is increasingly difficul...
techcrunch.com
November 10, 2025 at 2:40 PM
Reposted by Zack Whittaker
NEW: I tried to explain why there are so many victims of spyware, despite the fact that its makers have been telling us for years that the tech is only intended to be used in limited cases.

There are several reasons, including how the spyware systems are designed, and how powerful they are.
Why a lot of people are getting hacked with government spyware | TechCrunch
Government surveillance vendors want us to believe their spyware products are only used in limited and targeted operations against terrorists and serious criminals. That claim is increasingly difficul...
techcrunch.com
November 10, 2025 at 2:16 PM
Reposted by Zack Whittaker
If you're interested in #OSINT, this one might be for you. A short item in this week's newsletter on using Virustotal to find (clues to) leaked data.

buttondown.com/readwrite/ar...
November 10, 2025 at 1:02 PM
Logged on, screamed at the news, called my senator to express my utter disbelief, and now I am continuing to scream.
November 10, 2025 at 1:07 AM
Reposted by Zack Whittaker
Normally, I read through @zackwhittaker.com newsletter on Sunday and find a couple of things I missed, but with my travel schedule this week I missed a lot...thanks for catching me up Zack!

And, hopefully, you all are reading and subscribing to his newsletter as well!
this week in security — november 9 2025 edition
SonicWall blames nation-state for theft of firewall backups, CBO hacked, Korea Telecom covered up hacks, North Korea's remote IT workers' scheme, and more.
this.weekinsecurity.com
November 9, 2025 at 4:28 PM
Here's my latest edition of this.weekinsecurity.com, with all the cyber news you need to know from the week, including: SonicWall's firewall data breach, CBO gets hacked, Korea Telecom's very bad breach, hackers hijacking real-world cargo, Nevada's hack post-mortem, and more. Plus: a new cybercat!
this week in security — november 9 2025 edition
SonicWall blames nation-state for theft of firewall backups, CBO hacked, Korea Telecom covered up hacks, North Korea's remote IT workers' scheme, and more.
this.weekinsecurity.com
November 9, 2025 at 3:40 PM
Reposted by Zack Whittaker
hey remember when we were told we needed to be super worried about TikTok data falling into the wrong hands and that surely having Oracle hold onto it would be safer
New: Washington Post is the latest organization to confirm a data breach linked to the mass-hacks of Oracle E-Business apps, which companies use to store their business/HR data.

Google previously said that over 100 organizations have been hacked as part of the campaign.
Washington Post confirms data breach linked to Oracle hacks | TechCrunch
The Washington Post is the latest victim of a hacking campaign by the notorious Clop ransomware gang, which relied on vulnerabilities in Oracle software used by many corporations.
techcrunch.com
November 7, 2025 at 8:44 PM
Reposted by Zack Whittaker
😎
November 7, 2025 at 3:36 PM
New: Washington Post is the latest organization to confirm a data breach linked to the mass-hacks of Oracle E-Business apps, which companies use to store their business/HR data.

Google previously said that over 100 organizations have been hacked as part of the campaign.
Washington Post confirms data breach linked to Oracle hacks | TechCrunch
The Washington Post is the latest victim of a hacking campaign by the notorious Clop ransomware gang, which relied on vulnerabilities in Oracle software used by many corporations.
techcrunch.com
November 7, 2025 at 8:02 PM
Reposted by Zack Whittaker
NEW: The U.S. Congressional Budget Office was hacked.

@doublepulsar.com found that the cause may be an unpatched Cisco ASA firewall. I asked CBO about that but it did not respond to the question.

techcrunch.com/2025/11/07/c...
Congressional Budget Office confirms it was hacked | TechCrunch
The congressional research office confirmed a breach, but did not comment on the cause. A security researcher suggested the hack may have originated because CBO failed to patch a firewall for more tha...
techcrunch.com
November 7, 2025 at 4:38 PM
NEW, by me: Researchers have discovered an Android spyware that specifically targeted Samsung Galaxy phones during a nearly year-long hacking campaign. The spyware relied on a zero-day bug triggered by sending a victim a malware-laced photo via a messaging app. Victims are likely in the Middle East.
'Landfall' spyware abused zero-day to hack Samsung Galaxy phones | TechCrunch
A newly identified Android spyware targeted Galaxy devices for close to a year, including users in the Middle East, researchers exclusively tell TechCrunch.
techcrunch.com
November 7, 2025 at 12:13 PM
Reposted by Zack Whittaker
In my deep-dive article on this.weekinsecurity.com, I explain how the North Korean remote IT workers' scheme works, why it's incredibly effective as a "triple threat," and what companies large and small can do to identify suspicious applicants before they're hired.

Please share!
Thousands of North Koreans have secretly infiltrated US and European companies as remote IT workers
North Korea's secret remote workers are a major threat facing U.S. and European businesses today, taking jobs in Fortune 100 and smaller companies alike. Here's how to recognize and combat the threat.
this.weekinsecurity.com
November 6, 2025 at 1:44 PM
From one of the Wired reporters laid off:

Also, fyi, @jakelahut.writes.news also has a blog to check out. straightfromthehut.substack.com
As my general two cents: don't cancel your WIRED subscriptions.

Best culture, best newsroom of anywhere I've worked. I love the living shit out of these folks, and they don't deserve to be negatively impacted by a decision that was made by the parent company, not them. And it's only $2 a month.
November 6, 2025 at 7:24 PM
Reposted by Zack Whittaker
I'm one of the four fired employees. I was a writer & producer at Bon Appétit for nearly five years, during which I helped organize our union and sat on our bargaining committee.

I am, to my knowledge, the only trans woman in our union and the only trans woman on editorial who doesn't work at Them
New: Conde Nast fired four employees who were among a group that confronted the company's head of human resources on Wednesday over the decision to fold Teen Vogue into Vogue/recent cuts. Employees who were fired included journalists from the New Yorker, Wired, and Bon Appétit.
November 6, 2025 at 6:32 PM
Reposted by Zack Whittaker
New: Conde Nast fired four employees who were among a group that confronted the company's head of human resources on Wednesday over the decision to fold Teen Vogue into Vogue/recent cuts. Employees who were fired included journalists from the New Yorker, Wired, and Bon Appétit.
November 6, 2025 at 5:49 PM
Reposted by Zack Whittaker
NEW: The Paragon spyware scandal in Italy widens again.

A political consultant who works with left-wing politicians, who are part of the opposition party Partito Democratico, has now come out as the latest target.

"It is time to ask a very simple question: Why? Why me?" Francesco Nicodemos said.
Italian political consultant says he was targeted with Paragon spyware | TechCrunch
WhatsApp notified the consultant, who works for left-wing politicians, that his phone was targeted with spyware made by Paragon.
techcrunch.com
November 6, 2025 at 5:39 PM
Reposted by Zack Whittaker
Meta’s own researchers concluded that a third of the scams in the U.S. happen over its platforms and that fraudulent ads and those for banned products might contribute a tenth of its revenue. www.reuters.com/investigatio...
Meta is earning a fortune on a deluge of fraudulent ads, documents show
Meta projected 10% of its 2024 revenue would come from ads for scams and banned goods, and it internally estimates that its platforms show users 15 billion scam ads a day, company documents show.
www.reuters.com
November 6, 2025 at 3:44 PM
Reposted by Zack Whittaker
Cfius agreements with Chinese companies “do not protect national security,” said Matthew Pottinger, who now chairs the China program at the Foundation for Defense of Democracies. “It’s a fig leaf for capitulation.”

www.bloomberg.com/news/feature...
Saga of Chinese Trucking Firm Exposes US National Security Gaps
American officials thought they’d secured a deal with TuSimple to protect autonomous-driving technology. It didn’t work.
www.bloomberg.com
November 6, 2025 at 11:18 AM
Reposted by Zack Whittaker
The FBI is trying to unmask the owner of infamous archiving site Archive.is, according to a subpoena the site posted. No other information given, the site quietly posted the document a few days ago. FBI telling domain registrar to hand over all sorts of ID'ing info
www.404media.co/fbi-tries-to...
FBI Tries to Unmask Owner of Infamous Archive.is Site
The FBI has subpoenaed the domain registrar of archive.today, demanding information about the owner.
www.404media.co
November 6, 2025 at 3:16 PM
New, by me at this.weekinsecurity.com: I wrote ~3,700 of my finest words on North Korea's remote IT workers, who have infiltrated businesses across the U.S. and Europe and aren't slowing down. Probably the most pervasive cyber threats today.

Here's my primer on how to recognize & combat them.
Thousands of North Koreans have secretly infiltrated US and European companies as remote IT workers
North Korea's secret remote workers are a major threat facing U.S. and European businesses today, taking jobs in Fortune 100 and smaller companies alike. Here's how to recognize and combat the threat.
this.weekinsecurity.com
November 6, 2025 at 1:35 PM
Reposted by Zack Whittaker
Vital piece of investigative reporting from Sky. They've uncovered the X algorithm which feeds users extremist right wing material from the moment they join the site. It is a far-right radicalisation engine, by design.

news.sky.com/story/the-x-...
Elon Musk is boosting the British right - and this shows how
news.sky.com
November 6, 2025 at 7:23 AM
Reposted by Zack Whittaker
DHS says it’s proceeding with planned layoffs at the Cybersecurity and Infrastructure Security Agency, despite a recent court order barring workforce reductions across parts of the federal government during the ongoing shutdown:
www.nextgov.com/people/2025/...
DHS says shutdown layoffs at CISA will proceed despite court injunction
The cybersecurity agency says it has complied with the court’s order because the firing of 54 people in its Stakeholder Engagement Division was planned beforehand and doesn’t affect unionized employee...
www.nextgov.com
November 5, 2025 at 7:48 PM
Things feel better today. Still not great! But definitely better.
November 5, 2025 at 7:09 PM
New: The University of Pennsylvania has confirmed a data breach after last week's cyberattack that saw a hacker mass-email thousands of students, staff and alumni saying, "We were hacked."

by @amanda.omg.lol:
University of Pennsylvania confirms hacker stole data during cyberattack | TechCrunch
Penn experienced a data breach on Friday as hackers sent messages boasting of the hack to the university community.
techcrunch.com
November 5, 2025 at 3:28 PM