Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by e-mail at

The Latest from Zack Whittaker

Yepic fail: This startup promised not to make deepfakes without consent, but did anyway

U.K.-based startup Yepic AI claims to use “deepfakes for good” and promises to “never reenact someone without their consent.” But the company did exactly what it claimed it nev

Hackers advertised 23andMe stolen data two months ago

Genetic testing company 23andMe has been investigating a security incident after hackers advertised a trove of alleged stolen user data on a hacking forum last week. But the alleged stolen data may ha

Hacked phone spyware shuts down… again

A short-lived spyware operation called Oospy, which emerged earlier this year after its predecessor Spyhide was hacked, is no longer operational and has shut down. Oospy appeared online in late July a

Microsoft won’t say if its products were exploited by spyware zero-days

Microsoft has released patches to fix zero-day vulnerabilities in two popular open source libraries that affect several Microsoft products, including Skype, Teams and its Edge browser. But Microsoft w

IronNet, founded by former NSA director, shuts down and lays off staff

IronNet, a once-promising cybersecurity startup founded by a former NSA director and funded by cyber and defense investors, has shuttered and laid off its remaining staff following its collapse. In a

Security researcher warns of chilling effect after feds search phone at airport

A U.S. security researcher is warning of a chilling effect after he was detained on arrival at a U.S. airport, his phone was searched and he was ordered to testify to a grand jury, only to have prosec

Decade of newborn child registry data stolen in MOVEit mass-hack

Ontario’s government-funded birth registry has confirmed a data breach affecting some 3.4 million people who sought pregnancy care, including the personal health data of close to two million new

Yes, you have to update your Apple devices again, because spyware is bad

Apple has released urgent security updates for iPhones, iPads, Macs, Apple Watch, and Safari users to block two active spyware campaigns.

iOS 17 includes these new security and privacy features

Apple’s long-awaited iOS 17 update for iPhones lands today with a number of new and improved security features. Many of the new features are aimed at protecting iPhone owners who are at greater risk

Caesars Entertainment says customer data stolen in cyberattack

Hotel and casino giant Caesars Entertainment said Thursday that hackers stole a huge trove of customer data in a recent cyberattack, confirming recent media reports. Caesars said in an 8-K notice with

Hackers claim MGM cyberattack as outage drags into fourth day

Hotel and entertainment giant MGM Resorts continues to battle a widespread outage after a cyberattack forced it to shut down systems across its properties. MGM, which operates a number of hotels and c

Square says daylong outage caused by DNS error

Square said there was “no evidence” a cyberattack caused an outage that left customers and small businesses unable to use the payment giant’s technology on Thursday through early-Fri

Microsoft reveals how hackers stole its email signing key… kind of

A series of unfortunate and cascading mistakes allowed a China-backed hacking group to steal one of the keys to Microsoft’s email kingdom that granted near unfettered access to U.S. government i

Ransomware gang claims credit for Sabre data breach

Travel booking giant Sabre said it was investigating claims of a cyberattack after a tranche of files purportedly stolen from the company appeared on an extortion group’s leak site. “Sabre is

Lidl recalls Paw Patrol snacks after website on packaging displayed porn

Supermarket giant Lidl has issued a recall of Paw Patrol snacks after the website listed on the products’ packaging began displaying explicit content unsuitable for children. Lidl, which operate

How the FBI took down the notorious Qakbot botnet

A global law enforcement operation this week took down and dismantled the notorious Qakbot botnet, touted as the largest U.S.-led financial and technical disruption of a botnet infrastructure. Qakbot

Forever 21 data breach affects half a million people

Clothing giant Forever 21 said a data breach earlier in the year affects more than half a million individuals. A data breach notice filed with Maine’s attorney general said the fashion giant was

A Brazilian phone spyware was hacked and victims’ devices ‘deleted’ from server

A Portuguese-language spyware called WebDetetive has been used to compromise more than 76,000 Android phones in recent years across South America, largely in Brazil. WebDetetive is also the latest pho

Danish cloud host says customers ‘lost all data’ after ransomware attack

Cloud host CloudNordic says most of its customers have “lost all data with us” following a ransomware attack on its data center systems, including its backups. The Denmark-based cloud comp

Learning the lessons from cybersecurity trash fires at TC Disrupt 2023

We’ve all seen headlines about major hacks and data breaches of major companies — it can feel like nobody’s safe. Security is a constant learning curve, and what we learn when things go
Load More