Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

He can also be reached by email: zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

An adult sexting site exposed thousands of models’ passports and driver’s licenses

A popular sexting website has exposed thousands of photo IDs belonging to models and sex workers who earn commissions from the site. SextPanther, an Arizona-based adult site, stored more than 11,000 i

Should tech giants slam the encryption door on the government?

Reuters reported yesterday, citing six sources familiar with the matter, that the FBI pressured Apple into dropping a feature that would allow users to encrypt iPhone backups stored in Apple’s c

UN calls for investigation after Saudis linked to Bezos phone hack

United Nations experts are calling for an investigation after a forensic report said Saudi officials “most likely” used a mobile hacking tool, such as one built by the NSO Group, to hack i

Microsoft says it will fix an Internet Explorer security bug under active attack

Microsoft has confirmed a security flaw affecting Internet Explorer is currently being used by hackers, but that it has no immediate plans to fix. In a late-evening tweet, US-CERT, the division of Hom

The US government should stop demanding tech companies compromise on encryption

In a tweet late Tuesday, President Trump criticized Apple for refusing “to unlock phones used by killers, drug dealers and other violent criminal elements.” Trump was specifically referri

Buttigieg’s CISO resigns, leaving no known cybersecurity chiefs among the 2020 candidates

Presidential candidate Pete Buttigieg has lost his campaign’s chief information security officer, citing “differences” with the campaign over its security practices. Mick Baccio, who

Google finally brings its security key feature to iPhones

More than half a year after Google said Android phones could be used as a security key, the feature is coming to iPhones. Google said it’ll bring the feature to iPhones in an effort to give at-r

Cloudflare is giving away its security tools to US political campaigns

Network security giant Cloudflare said it will provide its security tools and services to U.S. political campaigns for free, as part of its efforts to secure upcoming elections against cyberattacks an

Microsoft and NSA say a security bug affects millions of Windows 10 computers

Microsoft has released a security patch for a dangerous vulnerability affecting hundreds of millions of computers running Windows 10. The vulnerability is found in a decades-old Windows cryptographic

Amazon fires employees for leaking customer email addresses and phone numbers

Amazon has fired a number of employees after they shared customer email address and phone numbers with a third-party “in violation of our policies.” The email to customers sent Friday afte

A billion medical images are exposed online, as doctors ignore warnings

This story was reported in partnership with health news site The Mighty. Every day, millions of new medical images containing the personal health information of patients are spilling out onto the inte

Mozilla says a new Firefox security bug is under active attack

Mozilla has warned Firefox users to update their browser to the latest version after security researchers found a vulnerability that hackers were actively exploiting in “targeted attacks”

As ransomware gets craftier, companies must start thinking creatively

Some say ransomware is in decline. Others say it’s getting craftier. File-encrypting malware, known as ransomware, infects vulnerable computers and scrambles its files, inviting victims to retur

Homeland Security warns businesses to brace for Iranian cyberattacks

Homeland Security is warning U.S. companies to “consider and assess” the possible impacts and threat of a cyberattack on their businesses following heightened tensions with Iran. It’

2019 was a hot mess for cybersecurity, but 2020 shows promise

It’s no secret that I hate predictions — not least because the security field changes rapidly, making it difficult to know what’s next. But given what we know about the past year, we can

Travelex suspends services after malware attack

Travelex, a major international foreign currency exchange, has confirmed it has suspended some services after it was hit by malware on December 31. The London-based company, which operates more than 1

Here’s where California residents can stop companies selling their data

California’s new privacy law is now in effect, allowing state residents to take better control of the data that’s collected on them — from social networks, banks, credit agencies and mor

A ton of Ruckus wireless routers are vulnerable to hackers

A security researcher has found several vulnerabilities in a number of Ruckus wireless routers, which the networking giant has since patched. Gal Zror told TechCrunch that the vulnerabilities he found

A Twitter app bug was used to match 17 million phone numbers to user accounts

A security researcher said he has matched 17 million phone numbers to Twitter user accounts by exploiting a flaw in Twitter’s Android app. Ibrahim Balic found that it was possible to upload enti

No, Spotify, you shouldn’t have sent mysterious USB drives to journalists

Last week, Spotify sent a number of USB drives to reporters with a note: “Play me.” It’s not uncommon for reporters to receive USB drives in the post. Companies distribute USB drives
Load More