Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

He can also be reached by email: zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

Twitter, Reddit challenge US rules forcing visa applicants to disclose their social media handles

Twitter and Reddit have filed an amicus brief in support of a lawsuit challenging a U.S. government rule change compelling visa applicants to disclose their social media handles. The lawsuit, brought

ICE used ‘stingray’ cell phone snooping tech hundreds of times since 2017

Newly released documents show U.S. immigration authorities have used a secretive cell phone snooping technology hundreds of times across the U.S. in the past three years. The documents, obtained throu

A new Android bug, StrandHogg 2.0, lets malware pose as real apps and steal user data

Security researchers have found a major vulnerability in almost every version of Android, which lets malware imitate legitimate apps to steal app passwords and other sensitive data. The vulnerability,

A massive database of 8 billion Thai internet records leaks

Thailand’s largest cell network AIS has pulled a database offline that was spilling billions of real-time internet records on millions of Thai internet users. Security researcher Justin Paine sa

Hackers release a new jailbreak that unlocks every iPhone

A renowned iPhone hacking team has released a new “jailbreak” tool that unlocks every iPhone, even the most recent models running the latest iOS 13.5. For as long as Apple has kept up its

Home Chef confirms breach after 8 million user records found on the dark web

Meal delivery service Home Chef has confirmed a data breach, two weeks after a data breach seller listed a database of 8 million customer records on a dark web marketplace. The Chicago-based company s

How to decode a data breach notice

Over the years I’ve seen hundreds, probably thousands, of data breach notifications warning that a company’s data was lost, stolen or left online for anyone to grab. Most of them look larg

Decrypted: No warrants for web data, UK grid cyberattack, CyberArk buys Idaptive

One vote. That’s all it needed for a bipartisan Senate amendment to pass that would have stopped federal authorities from further accessing millions of Americans’ browsing records. But it

EasyJet says 9 million travel records taken in data breach

EasyJet, the U.K.’s largest airline, said hackers have accessed the travel details of 9 million customers. The budget airline said 2,200 customers also had their credit card details accessed in

Users say Robinhood is down as stocks soar

Users are reporting that trading platform Robinhood was down during early morning trading that saw stock markets soar. Robinhood’s status page says all systems are “operational,” but

Senate narrowly rejects plan to require a warrant for Americans’ browsing data

Senators have narrowly rejected a bipartisan amendment that would have required the government first obtain a warrant before accessing Americans’ web browsing data. The amendment brought by Sens

FBI and DHS accuse Chinese hackers of targeting US COVID-19 research

In a rare joint public statement, the FBI and Homeland Security’s cybersecurity advisory unit CISA have accused top Chinese hackers of trying to steal U.S. research related to the coronavirus st

CyberArk snaps up identity startup Idaptive for $70M

Israeli cybersecurity company CyberArk has acquired identity startup Idaptive for $70 million in an all-cash deal. CyberArk is one of the shining stars in the Israeli cybersecurity scene before its in

Facebook to pay $52 million to content moderators suffering from PTSD

Facebook has agreed in principle to pay $52 million to compensate current and former content moderators who developed mental health issues on the job. The Verge reported Tuesday that the settlement wi

Decrypted: Contact-tracing privacy, Zoom buys Keybase, Microsoft eyes CyberX

As the world looks to reopen after weeks of lockdown, governments are turning to contact tracing to understand the spread of the deadly coronavirus. Most nations are leaning toward privacy-focused app

Yubico now lets enterprises ship security keys directly to their employees

Yubico, a maker of security keys, has launched a new service that lets enterprise customers ship its YubiKey security keys directly to their employees, partners and customers — even to their homes.

Slack now strips location data from uploaded images

Slack has started to strip uploaded photos of their metadata. What may seem like an inconsequential change to how the tech giant handles storing files on its servers, it will make it far more difficul

US Marshals says prisoners’ personal information taken in data breach

A data breach at the U.S. Marshals Service exposed the personal information of current and former prisoners, TechCrunch has learned. A letter sent to those affected, and obtained by TechCrunch, said t

A passwordless server run by spyware maker NSO sparks contact-tracing privacy concerns

As countries work to reopen after weeks of lockdown, contact-tracing apps help to understand the spread of the deadly coronavirus strain, COVID-19. While most governments lean toward privacy-focused a

Decrypted: Chegg’s third time unlucky, Okta’s new CSO, Rapid7 beefs up cloud security

Ransomware is getting sneakier and smarter. The latest example comes from ExecuPharm, a little-known but major outsourced pharmaceutical company that confirmed it was hit by a new type of ransomware l
Load More