Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

A new NSO zero-click attack evades Apple’s iPhone security protections, says Citizen Lab

A Bahraini human rights activist’s iPhone was silently hacked earlier this year by a powerful spyware sold to nation-states, defeating new security protections that Apple designed to withstand c

Google says geofence warrants make up one-quarter of all US demands

For the first time, Google has published the number of geofence warrants it’s historically received from U.S. authorities, providing a rare glimpse into how frequently these controversial warran

Apple’s CSAM detection tech is under fire — again

Apple has encountered monumental backlash to a new child sexual abuse material (CSAM) detection technology it announced earlier this month. The system, which Apple calls NeuralHash, has yet to be acti

T-Mobile says at least 47M current and former customers affected by hack

T-Mobile has confirmed that millions of current and former customers had their information stolen in a data breach, following reports of a hack over the weekend. In a statement, T-Mobile, which has mo

A bug in a medical startup’s website put thousands of COVID-19 test results at risk

A California-based medical startup that provides COVID-19 testing across Los Angeles has pulled down a website it used to allow customers to access their test results after a customer found a vulnerab

T-Mobile confirms it was hacked after customer data posted online

T-Mobile has confirmed “unauthorized access” to its systems, days after a portion of customer data was listed for sale on a known cybercriminal forum. The U.S. cell giant, which last year

FEMA just tested the US national emergency alert system

Did you hear it? FEMA just ran its first nationwide test of the U.S. emergency alert system since the pandemic. The Federal Emergency Management Agency, or FEMA, tested both the Emergency Alert System

Apple confirms it will begin scanning iCloud Photos for child abuse images

Later this year, Apple will roll out a technology that will allow the company to detect and report known child sexual abuse material to law enforcement in a way it says will preserve user privacy. App

Passwordstate customers complain of silence and secrecy after cyberattack

It has been over three months since Click Studios, the Australian software house behind the enterprise password manager Passwordstate, warned its customers to “commence resetting all passwords.&

A Silicon Valley VC firm with $1.8B in assets was hit by ransomware

Advanced Technology Ventures, a Silicon Valley venture capital firm with more than $1.8 billion in assets under its management, was hit by a ransomware attack in July that saw cybercriminals steal per

Amazon will pay you $10 in credit for your palm print biometrics

How much is your palm print worth? If you ask Amazon, it’s about $10 in promotional credit if you enroll your palm prints in its checkout-free stores and link it to your Amazon account. Last yea

Calgary’s parking authority exposed drivers’ personal data and tickets

A review of the logs by TechCrunch found contact information, details of parking tickets and parking offenses, and some partial card payment numbers and expiry dates.

Court orders US Capitol rioter to unlock his laptop ‘with his face’

The FBI argued that compelling Guy Reffitt to unlock his computer by sitting in front of it 'would not run afoul of the defendant's Fifth Amendment right against self-incrimination.'

Despite controversies and bans, facial recognition startups are flush with VC cash

If efforts by states and cities to pass privacy regulations curbing the use of facial recognition are anything to go by, you might fear the worst for the companies building the technology. But a recen

A DNS outage just took down a large chunk of the internet

A large chunk of the internet dropped offline on Thursday. Some of the most popular sites, apps and services on the internet were down, including UPS and FedEx (which have since come back online), Air

This tool tells you if NSO’s Pegasus spyware targeted your phone

Over the weekend, an international consortium of news outlets reported that several authoritarian governments — including Mexico, Morocco and the United Arab Emirates — used spyware developed by N

US blames China for Exchange server hacks and ransomware attacks

The Biden administration and its allies have formally accused China of the mass-hacking of Microsoft Exchange servers earlier this year, which prompted the FBI to intervene as concerns rose that the h

An insurtech startup exposed thousands of sensitive insurance applications

A security lapse at insurance technology startup BackNine exposed hundreds of thousands of insurance applications after one of its cloud servers was left unprotected on the internet. BackNine might be

GSA blocks senator from reviewing documents used to approve Zoom for government use

The General Services Administration has denied a senator’s request to review documents Zoom submitted to have its software approved for use in the federal government. The denial was in response

Ring’s latest security updates are good, but still opt-in

Ring, the video doorbell maker dubbed the “largest civilian surveillance network the U.S. has ever seen,” is rolling out new but long overdue security and privacy features. The Amazon-own
Load More