Zack Whittaker

Zack Whittaker

Security editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

He can also be reached by email: zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

VC funding of cybersecurity companies hits record $5.3B in 2018

2018 wasn’t all bad. It turned out to be a record year for venture capital firms investing in cybersecurity companies. According to new data out by Strategic Cyber Ventures, a cybersecurity-focu

These are all the federal HTTPS websites that’ll expire soon because of the US government shutdown

We like to think of ourselves as nerds here at TechCrunch, which is why we’re bringing you this. During the government shutdown, security experts noticed several federal websites were throwing b

Decrypted Telegram bot chatter revealed as new Windows malware

Sometimes it take a small bug in one thing to find something massive elsewhere. During a recent investigation, security firm Forcepoint Labs said it found a new kind of malware that was found taking i

A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts

A popular WordPress plugin, installed on thousands of websites to help users share content on social media sites, left linked Twitter accounts exposed to compromise. The plugin, Social Network Tabs, w

Fortnite bugs put accounts at risk of takeover

With one click, any semi-skilled hacker could have silently taken over a Fortnite account, according to a cybersecurity firm that says the bug is now fixed. Researchers at Check Point say the three vu

Researcher shows how popular app ES File Explorer exposes Android device data

Why is one of the most popular Android apps running a hidden web server in the background? ES File Explorer claims it has more than 500 million downloads under its belt since 2014, making it one of th

Another huge database exposed millions of call logs and SMS text messages

An unprotected server storing millions of call logs and text messages was left open for months before they were found by a security researcher. If you thought you’d heard this story before, you&

DuckDuckGo debuts map search results using Apple Maps

DuckDuckGo has a new, unlikely partner in search: Apple. The privacy-focused search engine that promises to never track its users said Tuesday it’s now using data provided by Apple Maps to powe

Flaws in Amadeus’ airline booking system made it easy to change passenger records

You might not know Amadeus by name, but hundreds of millions of travelers use it each year. Whether you’re traveling for work or vacation, most consumers book their flights through one of a hand

Some of the biggest web hosting sites were vulnerable to simple account takeover hacks

A security researcher has found, reported and now disclosed a dozen bugs that made it easy to steal sensitive information or take over any customer’s account from some of the largest web hostin

Schneider’s EVLink car charging stations were easily hackable, thanks to a hardcoded password

Schneider has fixed three vulnerabilities in one of its popular electric car charging stations, which security researchers said could have easily allowed an attacker to remotely take over the unit. At

Scooter startup Bird tried to silence a journalist. It did not go well.

Cory Doctorow doesn’t like censorship. He especially doesn’t like his own work being censored. Anyone who knows Doctorow knows his popular tech and culture blog, Boing Boing, and anyone wh

Some US government websites won’t load after HTTPS certificates expire during shutdown

In a government shutdown, everything deemed non-essential stops. As we found out, renewing the certificates on its websites is considered non-essential. Several government sites are currently inaccess

Another server security lapse at NASA exposed staff and project data

Two months ago, NASA quietly fixed a buggy internal server that was leaking sensitive information about the agency’s staff and their work. The leaking server was — ironically — a bug-reporti

A simple bug makes it easy to spoof Google search results into spreading misinformation

A bug that anyone can easily exploit in Google makes it easy to kick out manipulated search results that look entirely real. The search manipulation bug was documented by Wietze Beukema, a London-base

How Trump’s government shutdown is harming cyber and national security

It’s now 18 days since the U.S. government unceremoniously shut down because Congress couldn’t agree on a bill to fund a quarter of all federal departments — including paying their emplo

Despite promises to stop, US cell carriers are still selling your real-time phone location data

Last year, four of the largest U.S. cell carriers were caught selling and sending real-time location data of their customers to shady companies that sold it on to big spenders, who would use the data

Drone sighting briefly halts departing flights at UK’s Heathrow Airport

All flights departing Heathrow, the U.K.’s largest airport, were suspended for an hour on Tuesday following a reported drone sighting. An airport spokesperson told TechCrunch that staff are &#82

Millions of Android users tricked into downloading 85 adware apps from Google Play

Another day, another batch of bad apps in Google Play. Researchers at security firm Trend Micro have discovered dozens of apps, including popular utilities and games, to serve a ton of deceptively dis

Court says Vizio’s secret smart TV tracking class-action settlement can move forward

A long-running class-action lawsuit filed after consumer electronics giant Vizio was caught spying on customer viewing habits can be settled, subject to a final approval, a court has ruled. The group
Load More