Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

Bug bounty giant HackerOne lands $49M, thanks to cloud adoption boon

Bug bounty and penetration testing startup HackerOne has raised a $49 million Series E following a year of massive cloud adoption fueled by work-from-home orders. The company — which mediates betwee

Flaws in third-party software exposed dozens of Teslas to remote access

A security researcher said he was able to remotely access dozens of Teslas around the world because security bugs found in an open source logging tool popular with Tesla owners exposed their cars dire

Locations and contact data on 515,000 vulnerable people stolen in Red Cross data breach

A cyberattack targeting a contractor working for the International Committee of the Red Cross has spilled confidential data on more than 515,000 “highly vulnerable” people, many of whom ha

A bill to ban geofence and keyword search warrants in New York gains traction

A New York bill that would ban state law enforcement from obtaining residents’ private user data from tech giants through the use of controversial search warrants will get another chance, two ye

FTC settles with data analytics firm after millions of Americans’ mortgage files exposed

The Federal Trade Commission has approved a settlement with a mortgage data analytics firm for a 2019 security lapse that exposed millions of sensitive mortgage documents containing the private inform

Recorded Future acquires internet inventory startup SecurityTrails for $65M

Threat intelligence giant Recorded Future announced Tuesday that it has acquired SecurityTrails, an internet inventory startup that collects and banks current and historical domain and IP address data

6 things in cybersecurity we didn’t know last year

The past 12 months in cybersecurity have been a rough ride. In cybersecurity, everything is broken — it’s just a matter of finding it — and this year felt like everything broke at once, espe

Fisher-Price’s Chatter phone has a simple but problematic Bluetooth bug

As nostalgia goes, the Fisher-Price Chatter phone doesn’t disappoint. The classic retro kids toy was given a modern revamp for the holiday season with the new release for adults which, unlike th

Security flaws found in a popular guest Wi-Fi system used in hundreds of hotels

A security researcher says an internet gateway used by hundreds of hotels to offer and manage their guest Wi-Fi networks has vulnerabilities that could put the personal information of their guests at

This USB ‘kill cord’ can instantly wipe your laptop if snatched or stolen

Journalists, activists and human rights defenders face a constant battle to keep files safe from a growing set of digital threats and surveillance. But physical attacks can be challenging to defend ag

A new spyware-for-hire, Predator, caught hacking phones of politicians and journalists

While NSO Group was taking flak for hacking into the phones of journalists, activists and human rights defenders, an entire class of spyware makers and surveillance-for-hire outfits were operating as

Noname Security hits $1B valuation after $135M Series C raise

API security is all the rage these days, pushed into the limelight following a spate of high-profile security incidents that saw reams of user data exposed or exfiltrated. Peloton spilled users’

Chainguard lands $5M to help companies secure their software supply chains

By late last year, the alarm bells were just starting to ring. Researchers discovered that Russian spies had months earlier burrowed deep into the networks of several U.S. federal networks. The spies,

US government agencies bought Chinese surveillance tech despite federal ban

This story was reported in partnership with video surveillance news site IPVM. At least three U.S. federal agencies, including the military, have purchased China-made video surveillance equipment bann

On legal demands and press freedoms

In August 2020, two FBI agents were standing on my doorstep, unannounced, wanting to ask me questions about a TechCrunch story we had published the year before. The story was about how a hacker took t

Apple files lawsuit against NSO Group over Pegasus spyware

Apple has launched a lawsuit against NSO Group, the maker of the nation-state spyware Pegasus, seeking a permanent injunction to prevent the spyware maker from using any Apple product or service. In a

Gift Guide: The smart home starter kit

A year ago I accidentally turned my house into a smart home. What started out as an easy (and lazy, let’s be honest) way to switch off the radio in the kitchen without getting up from the couch

GoDaddy says data breach exposed over a million user accounts

Web hosting giant GoDaddy has reported a data breach, and warns that data on 1.2 million customers may have been accessed. In a filing with the Securities and Exchange Commission, GoDaddy’s chie

HPE says Aruba customer data compromised after data breach

HPE has confirmed that a “limited subset” of customer data was taken in a data breach involving its subsidiary Aruba Networks, a maker of networking equipment. The enterprise technology gi

Robinhood says millions of customer names and email addresses taken in data breach

Online stock trading platform Robinhood has confirmed it was hacked last week with more than five million customer email addresses and two million customer names taken, as well as a much smaller set o
Load More