Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

He can also be reached by email: zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

Tibetans hit by the same mobile malware targeting Uyghurs

A recently revealed mobile malware campaign targeting Uyghur Muslims also ensnared a number of senior Tibetan officials and activists, according to new research. Security researchers at the University

Cloudflare has a new plan to fight bots — and climate change

Cloudflare is ratcheting up its fight against bots with a new “fight mode,” which it says will frustrate and disincentivize bot operators from their malicious activity. Bots are notorious

Here are the security sessions you can’t miss at Disrupt SF

Security is in everything, it’s everywhere and it’s everyone’s responsibility. What part are you playing? At TechCrunch Disrupt SF on October 2-4, we’re proud to have onstage s

Facebook has suspended ‘tens of thousands’ of apps suspected of hoarding data

Facebook has suspended “tens of thousands” of apps connected to its platform which it suspects may be collecting large amounts of user profile data. That’s a sharp rise from the 400

Thinkful confirms data breach days after Chegg’s $80M acquisition

Thinkful, an online education site for developers, has confirmed a data breach, just days after it confirmed it would be acquired. “We recently discovered that an unauthorized party may have gai

iOS 13: Here are the new security and privacy features you need to know

It’s finally here. Apple’s new iOS 13, the thirteenth major iteration of its popular iPhone software, is out to download. We took iOS 13 for a spin with a focus on the new security and pri

Silicon Valley is terrified of California’s privacy law. Good.

Silicon Valley is terrified. In a little over three months, California will see the widest-sweeping state-wide changes to its privacy law in years. California’s Consumer Privacy Act (CCPA) kicks

Documents reveal how Russia taps phone companies for surveillance

In cities across Russia, large boxes in locked rooms are directly connected to the networks of some of the country’s largest phone and internet companies. These boxes, some the size of a washing

What startup CSOs can learn from three enterprise security experts

How do you keep your startup secure? That’s the big question we explored at TC Sessions: Enterprise earlier this month. No matter the size, every startup is an enterprise. Every startup will gro

Shape Security hits $1B valuation with $51M Series F

Anti-fraud startup Shape Security has tipped over the $1 billion valuation mark following its latest Series F round of $51 million. The Mountain View, Calif.-based company announced the fundraise Thur

Telegram fixes bug that failed to delete ‘unsent’ photos and videos

Mobile messaging app Telegram has fixed a bug allowing users to recover photos and videos “unsent” by other people. Telegram, which has more than 100 million users, has an ephemeral messag

Monster.com says a third party exposed user data but didn’t tell anyone

An exposed web server storing résumés of job seekers — including from recruitment site Monster — has been found online. The server contained résumés and CVs for job applicants spanning 2014 an

A huge database of Facebook users’ phone numbers found online

Hundreds of millions of phone numbers linked to Facebook accounts have been found online. The exposed server contained more than 419 million records over several databases on users across geographies,

Another US visa holder was denied entry over someone else’s messages

It has been one week since U.S. border officials denied entry to a 17-year-old Harvard freshman just days before classes were set to begin. Ismail Ajjawi, a Palestinian student living in Lebanon, had

What you missed in cybersecurity this week

There’s not a week that goes by where cybersecurity doesn’t dominates the headlines. This week was no different. Struggling to keep up? We’ve collected some of the biggest cybersecur

Police hijack a botnet and remotely kill 850,000 malware infections

In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers. The notorious Retadup malware infects computers an

Sources say China used iPhone hacks to target Uyghur Muslims

A number of malicious websites used to hack into iPhones over a two-year period were targeting Uyghur Muslims, TechCrunch has learned. Sources familiar with the matter said the websites were part of a

A hacker has compromised Jack Dorsey’s Twitter account

A hacker has compromised Jack Dorsey’s Twitter account. A stream of rogue tweets — including racial slurs — were posted to the Twitter chief executive’s own Twitter account just after

Malicious websites were used to secretly hack into iPhones for years, says Google

Security researchers at Google say they’ve found a number of malicious websites which, when visited, could quietly hack into a victim’s iPhone by exploiting a set of previously undisclosed

Google to pay security researchers who find Android apps and Chrome extensions misusing user data

Google said it will pay security researchers who find “verifiably and unambiguous evidence” of data abuse using its platforms. It’s part of the company’s efforts to catch those
Load More