Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

Google pulls ‘stalkerware’ ads that promoted phone spying apps

Google has pulled several “stalkerware” ads that violated its policies by promoting apps that encouraged prospective users to spy on their spouses’ phone. These consumer-grade spywar

Security takes center stage at TC Sessions: SaaS this month

Microsoft, Cisco and Amplitude talk security at TC Sessions: SaaS this month. Enterprises face a constant stream of threats, from nation-state hackers and cybercriminals to corporate insiders. But the

Twitch confirms hack after source code and creator payout data leaks online

A huge cache of source code repositories, creator payouts and other internal data from Twitch has been published online after a data breach, the company has confirmed. In a post on Tuesday (but which

Facebook, WhatsApp and Instagram are slowly returning. Why did they disappear to begin with?

Facebook’s day-long outage is by far its longest and most extreme in years. At around 9 a.m. PDT on the U.S. West Coast — where the social giant is headquartered — Facebook, WhatsApp

Russian authorities arrest cybersecurity giant Group-IB’s CEO on treason charges

Russian authorities have arrested and detained Ilya Sachkov, the co-founder and chief executive of Group-IB — one of the biggest cybersecurity companies in the country — on charges of treason. Det

YC-backed Malloc wants to take the sting out of mobile spyware

Mobile spyware is one of the most invasive and targeted kinds of unregulated surveillance, since it can be used to track where you go, who you see and what you talk about. And because of its stealthy

Twitter’s Rinki Sethi on why CISOs win when security is a shared responsibility

Sethi draws on her decade-plus cybersecurity experience to talk about the role of the modern CISO and how the next-generation of CISOs can stay ahead.

Osano, a risk and compliance startup, raises $11M

Osano, a risk and compliance startup, has confirmed it has raised $11 million in new funding. The round was led by Jump Capital, with participation from existing investors LiveOak Venture Partners and

An email ‘autodiscover’ bug is helping to leak thousands of Windows passwords

Shipping companies, power plants and investment banks don’t often share much in common, but new research shows they are all inadvertently leaking thousands of email passwords of their own employ

Web host Epik was warned of a critical security flaw weeks before it was hacked

Hackers associated with the hacktivist collective Anonymous say they have leaked gigabytes of data from Epik, a web host and domain registrar that provides services to far-right sites like Gab, Parler

Apple patches an NSO zero-day flaw affecting all devices

Apple has released security updates for a zero-day vulnerability that affects every iPhone, iPad, Mac and Apple Watch. Citizen Lab, which discovered the vulnerability and was credited with the find, u

Technology giant Olympus hit by BlackMatter ransomware

Olympus said in a brief statement that it is “currently investigating a potential cybersecurity incident” affecting its European, Middle East and Africa computer network. “Upon detec

WhatsApp will finally let users encrypt their chat backups in the cloud

WhatsApp said on Friday it will give its two billion users the option to encrypt their chat backups to the cloud, taking a significant step to put a lid on one of the tricky ways private communication

Texas Right to Life website exposed job applicants’ resumes

Anti-abortion group Texas Right to Life exposed the personal information of hundreds of job applicants after a website bug allowed anyone to access their resumes, which were stored in an unprotected d

Apple delays plans to roll out CSAM detection in iOS 15 after privacy backlash

Apple has delayed plans to roll out its child sexual abuse (CSAM) detection technology that it chaotically announced last month, citing feedback from customers and policy groups. That feedback, if you

FTC bans spyware maker SpyFone, and orders it to notify hacked victims

The Federal Trade Commission has unanimously voted to ban the spyware maker SpyFone and its chief executive Scott Zuckerman from the surveillance industry, the first order of its kind, after the agenc

Apple secures first states to support digital driver’s licenses, but privacy questions linger

Apple’s plan to digitize your wallet is slowly taking shape. What started with boarding passes and venue tickets later became credit cards, subway tickets and student IDs. Next on Apple’s

A popular smart home security system can be remotely disarmed, researchers say

A cybersecurity company says a popular smart home security system has a pair of vulnerabilities that can be exploited to disarm the system altogether. Rapid7 found the vulnerabilities in the Fortress

A new NSO zero-click attack evades Apple’s iPhone security protections, says Citizen Lab

A Bahraini human rights activist’s iPhone was silently hacked earlier this year by a powerful spyware sold to nation-states, defeating new security protections that Apple designed to withstand c

Google says geofence warrants make up one-quarter of all US demands

For the first time, Google has published the number of geofence warrants it’s historically received from U.S. authorities, providing a rare glimpse into how frequently these controversial warran
Load More