Zack Whittaker
LightNews LightNews
banner
zackwhittaker.com
Zack Whittaker
@zackwhittaker.com
15K followers 250 following 550 posts
Security editor, TechCrunch
Signal: zackwhittaker.1337
My stories: techcrunch.com/author/zack-whittaker
My newsletter/blog: this.weekinsecurity.com
Posts Replies Media Videos
zackwhittaker.com
Find out why this sticker on my laptop (photo below) features a crying Kim Jong Un, with the words: "Don't hire a spy; say something to make Kim cry."

If you want to sign up for my free weekly newsletter (or $10/month for articles and more), you can sign up over here: this.weekinsecurity.com
a photo showing the back of a Mac laptop with a sticker, which has a cartoon image of Kim Jong Un crying, with the circular text that reads: "Don't hire a spy, say something to make Kim cry."
November 7, 2025 at 1:27 AM
zackwhittaker.com
Theo doesn't really understand democracy (though, I think he would probably say his feeding schedule is downright authoritarian) but as someone who does, and these days gets to vote, it's something I never take for granted.
my cat, Theo, with white and grey fur, asleep upside down with a little fang showing.
November 5, 2025 at 7:13 PM
zackwhittaker.com
New laptop sticker just dropped.
a photo of my laptop lid, with an NPR sticker that reads: "Feral for the Free Press," plus a cartoon shooting star with a smiley-face and a rainbow trail.
November 1, 2025 at 12:05 PM
zackwhittaker.com
Thankful for my partner who, while I'm on the other side of the country, calls me to FaceTime with our cats.
a facetime screenshot of my cat, Theo, asleep on the couch. you can see his little toe beans. a facetime screenshot of my cat, Toby, who looks assertive and sarcastic, which is very much his personality so no surprise there. he is very handsome.
October 30, 2025 at 4:13 AM
zackwhittaker.com
House Republicans James Comer and Nancy Mace wrote a letter to TeaOnHer founder Xavier Lampkin demanding answers about the app's poor cybersecurity practices, citing my TechCrunch story earlier this year that found the app exposing users’ gov't-issued IDs and selfies. therecord.media/teaonher-app...
a screenshot from The Record's story, which reads: Comer and Mace also focused on TeaOnHer's poor cybersecurity practices. In August, TechCrunch found a security vulnerability in TeaOnHer that let anyone access users' emails addresses, driver's licenses, selfies and locations. "If true, the Committee's concerns extend to the vulnerability of the images and information associated with the women and minors who did not provide consent to have their information uploaded to your application," the lawmakers wrote, citing the TechCrunch report. a meme of a guy looking cross, with the headline: "Heartbreaking: The Worst Person You Know Just Made a Great Point"
October 24, 2025 at 6:06 PM
zackwhittaker.com
My favorite #NoKings sign seen in my neighborhood today.
a protest sign, half in blue and half in red, with a cartoon of a black cat with a grumpy face kicking a crown, and it reads: "NOPE" (with a red tie imitating Trump's tied through the 'O') and "SINCE 1776".
October 18, 2025 at 10:16 PM
zackwhittaker.com
A timeline cleanse, if anyone needs one. This is Theo, basking in the mid-afternoon sun.
a photo of my russian blue cat, Theo, who can be seen here in a stream of sunlight on a blue floral rug, stood and looking at the camera.
October 15, 2025 at 9:26 PM
zackwhittaker.com
Toby wishes everyone a peaceful evening.
a photo of my tabby cat Toby, asleep on a green cushion, with his feet curled up so that you can see his cute little toe beans.
October 13, 2025 at 12:17 AM
zackwhittaker.com
New Windows wallpaper just dropped.
my cat, Theo, sprawled out asleep on a rug, with a stream of light passing over him as if to project a windows-style shadow.
October 5, 2025 at 1:43 PM
zackwhittaker.com
We verified the bug by uploading a new Partiful profile photo taken from outside of Moscone West in SF, which contained the photo’s precise location. When we checked the metadata of the photo on Partiful’s server, it *still* had the photo's exact coordinates.

More: techcrunch.com/2025/10/04/e...
a screenshot from the TechCrunch article, showing a photo (left) of outside Moscone West in San Francisco, and another photo (right) showing the location marker from the photo on a Google Map.
October 4, 2025 at 4:09 PM
zackwhittaker.com
Spot the two glaring typos in the White House's daily press schedule email sent out this morning.

"THE PRESIDENT recieves his Intelligence Brieifing."
a screenshot from the White House's press briefing email, which has two typos in the line: "THE PRESIDENT recieves his Intelligence Brieifing."
August 28, 2025 at 11:19 AM
zackwhittaker.com
Update your iPhones, iPads and Macs. A new Apple software update went out fixing a zero-day security flaw under attack.

"Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals."

support.apple.com/en-us/124925
a screenshot of iOS 18.6.2, which fixes a memory corruption bug. It reads: "This update provides important security fixes and is recommended for all users."
August 20, 2025 at 8:02 PM
zackwhittaker.com
Another Totally Normal Day™ on the White House press pool email list.
a screenshot of an email from the White House press email list, which reads as follows: White House Press Secretary Karoline Leavitt brought us back to the Rose Garden and told us that the president is testing the new speakers for "what will be the best event in the history of the White House." She said the next party is "hopefully soon." Trump is currently controlling the playlist. "Whiter Shade of Pale" by Procol Harum is currently playing.
August 19, 2025 at 8:34 PM
zackwhittaker.com
a photo/meme of Matthew McConaughey smoking a cigarette with an extremely alarmed expression on his face and in his eyes
August 14, 2025 at 1:11 PM
zackwhittaker.com
a screenshot from a simpsons episode, showing a tv screen, which reads "technical difficulties, please stand by," showing a cute puppy pulling a plug out of a wall socket
August 13, 2025 at 4:53 PM
zackwhittaker.com
Reading this in British English, this is the most passive aggressive shade throwing I've ever seen from the U.K. government. www.gov.uk/government/n...
advice from the UK government's national drought group, which gives six valid options for "how to save water at home," then a seventh option which clearly identifies data centers as a major source of water use, which says "delete old emails and pictures as data centers require vast amounts of water to cool their systems."
August 12, 2025 at 2:32 PM
zackwhittaker.com
There is absolutely no reason to include "noindex" code on your data breach notification page, unless of course you're deliberately trying to hide it from search engines so people can't find the information they need.

More: techcrunch.com/2025/08/07/d...
a screenshot of Bouygues' data breach page, which contains "noindex" code preventing search engines from indexing the page.
August 7, 2025 at 1:48 PM
zackwhittaker.com
Just a normal thing to read on the White House press pool email list.
email from a White House press pooler: "Presidential roof walk ended 11:05. White House said he was there for 20 minutes."
August 5, 2025 at 5:21 PM
zackwhittaker.com
Sometimes he just lies on the floor, melted and meowing, wanting to be noticed.
my cat Theo, half asleep on the living room rug, meowing with his mouth half open.
July 30, 2025 at 12:42 PM
zackwhittaker.com
There it is: notorious Russian cybercrime forum XSS.is seized and its alleged administrator arrested, per Europol. www.europol.europa.eu/media-press/...
the seizure notice on XSS.is, which reads: "This domain has been seized by la Brigade de Lutte Contre la Cybercriminalité with assistance of the SBU Cyber Department."
July 23, 2025 at 2:32 PM
zackwhittaker.com
When AI "leaders" warn of AI problems.
an Axios headline that reads: "OpenAI CEO Sam Altman warns of AI 'fraud crisis' targeting consumer accounts" a meme of a guy in a hot dog suit, with the caption: "We're all trying to find the guy who did this"
July 22, 2025 at 6:28 PM
zackwhittaker.com
Hell is a scam group text sent to 18 other people.
a screenshot of a text message, which claims to be a UPS Ground redelivery notice but is obviously a scam text. There are 19 people on this text message chain.
July 22, 2025 at 5:05 PM
zackwhittaker.com
The slightly good news is that it's possible to identify and remove the Catwatchful spyware (if it's safe to do so, given removing spyware can alert the abuser).

Catwatchful has a backdoor code, which forces the hidden stalkerware app to reveal itself.

My full story: techcrunch.com/2025/07/02/d...
a screenshot showing "543210" typed into an Android phone app keypad, which when you hit the "call" button, reveals the Catwatchful spyware app.
July 2, 2025 at 2:22 PM
zackwhittaker.com
I am once again asking companies to not be absolute shitbags about their data breach disclosures, such as deliberately blocking search engines from seeing the page by using a "noindex" tag in its HTML.

Today's edition: Australian airline Qantas.

My story: techcrunch.com/2025/07/02/q...
a screenshot showing Qantas' official cyber incident page, which contains information for customers about its recent data breach. The screenshot contains the "inspector" view, showing the web page's source code as containing a "noindex" tag, preventing search engines (and anyone searching for the page) from finding it.
July 2, 2025 at 12:04 PM
zackwhittaker.com
Looks like we have a classic case of "I give up, it's Friday."
my cat Theo, a grey and white Russian blue cat, laying on his back on the rug/floor of my living room with his paws up and legs sprawling, with a nonchalant look on his face.
June 27, 2025 at 7:59 PM