Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

He can also be reached by email: zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

Yubico launches its dual USB-C and Lightning two-factor security key

Almost two months after it was first announced, Yubico has launched the YubiKey 5Ci, a security key with dual support for iPhones, Macs and other USB-C compatible devices. Yubico’s newest YubiKe

Twitter says accounts linked to China tried to ‘sow political discord’ in Hong Kong

Twitter says a significant information operation involving hundreds of accounts linked to China were part of an effort to deliberately “sow political discord” in Hong Kong after weeks of p

After data incidents, Instagram expands its bug bounty

Facebook is expanding its data abuse bug bounty to Instagram . The social media giant, which owns Instagram, first rolled out its data abuse bounty in the wake of the Cambridge Analytica scandal, whic

An anonymous hentai porn site exposed over a million users’ emails

A popular hentai porn site that promises anonymity to its 1.1 million users left a user database exposed without a password, allowing anyone to identify users by their email addresses. You might not h

Amazon customers say they received emails for other people’s orders

Users have said they are receiving emails from Amazon containing invoices and order updates on other customers, TechCrunch has learned. Jake Williams, founder of cybersecurity firm Rendition Infosec,

8 million Android users tricked into downloading 85 adware apps from Google Play

Dozens of Android adware apps disguised as photo-editing apps and games have been caught serving ads that would take over users’ screens as part of a fraudulent money-making scheme. Security fir

US Cyber Command has publicly posted malware linked to a North Korea hacking group

U.S. Cyber Command, the sister division of the National Security Agency focused on offensive hacking and security operations, has released a set of new samples of malware linked to North Korean hacke

Cloudflare says cutting off customers like 8chan is an IPO ‘risk factor’

Networking and web security giant Cloudflare says the recent 8chan controversy may be an ongoing “risk factor” for its business on the back of its upcoming initial public offering. The San

What security pros need to know from Black Hat & Def Con 2019

Black Hat and Def Con came and went as quickly as it ever does. The week-long pair of back-to-back conferences, referred to as “hacker summer camp,” draws in the security crowd from across

Credit Karma glitch exposed users to other people’s accounts

Users of credit monitoring site Credit Karma have complained that they were served other people’s account information when they logged in. Many took to a Reddit thread and complained on Twitter

Ex-NSA chief Mike Rogers and Team8 founder Nadav Zafrir will be at Disrupt SF

What happens when two former spies meet the startup world? We’re about to find out. We’re pleased to announce former National Security Agency director Adm. Mike Rogers will be at Disrupt S

A new app can detect Bluetooth credit card skimmers on gas pumps

A team of computer scientists has built a new app that can wirelessly detect credit card skimmers, often found discreetly placed on gas pumps and bank ATMs. Gone are the days where entire card skimmer

Facebook transcribed users’ audio messages without permission

“The future is private.” Clearly, Facebook still has a way to go. Facebook has become the latest tech giant to face scrutiny over its handling of users’ data, following a report that

This hacker’s iPhone charging cable can hijack your computer

Most people don’t think twice about picking up a phone charging cable and plugging it in. But one hacker’s project wants to change that and raise awareness of the dangers of potentially ma

How safe are school records? Not very, says student security researcher

If you can’t trust your bank, government or your medical provider to protect your data, what makes you think students are any safer? Turns out, according to one student security researcher, they

Hundreds of exposed Amazon cloud backups found leaking sensitive data

How safe are your secrets? If you used Amazon’s Elastic Block Storage snapshots, you might want to check your settings. New research just presented at the Def Con security conference reveals how

Robocall blocking apps caught sending your private data without permission

Robocall-blocking apps promise to rid your life of spoofed and spam phone calls. But are they as trustworthy as they claim to be? One security researcher said many of these apps can violate your priva

Apple expands its bug bounty, increases maximum payout to $1M

Apple is finally giving security researchers something they’ve wanted for years: a macOS bug bounty. The technology giant said Thursday it will roll out the bug bounty program to include Macs an

Flawed office printers are a silent but serious target for hackers

You probably don’t think too much about your humble office printer. But they’re a prime target for hackers, if any of the dozens of vulnerabilities found by security researchers are anythi

Group dating app 3Fun exposed sensitive data on 1.5 million users

More than 1.5 million users of a group dating service had their personal data exposed — including their real-time location — because of a vulnerability in the app. The dating site, 3Fun, bills its
Load More