Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com and zack.whittaker@protonmail.com

The Latest from Zack Whittaker

Secureframe raises $18M Series A to simplify cybersecurity compliance

Security compliance may not be the hottest conversation starter, but it’s a critical and often grueling process that companies have to endure every year to show that their security practices are

$5.7M stolen in Roll crypto heist after hot wallet hacked

A security breach at cryptocurrency platform Roll allowed a hacker to obtain the private key to its hot wallet and steal its contents — worth about $5.7 million. In a statement, the company said it

Hackers are exploiting vulnerable Exchange servers to drop ransomware, Microsoft says

Hackers are exploiting recently discovered vulnerabilities in Exchange email servers to drop ransomware, Microsoft has warned, a move that puts tens of thousands of email servers at risk of destructiv

America’s small businesses face the brunt of China’s Exchange server hacks

As the U.S. reportedly readies for retaliation against Russia for hacking into some of the government’s most sensitive federal networks, the U.S. is facing another old adversary in cyberspace: C

A bug in a popular iPhone app exposed thousands of call recordings

A security vulnerability in a popular iPhone call recording app exposed thousands of users’ recorded conversations. The flaw was discovered by Anand Prakash, a security researcher and founder of

Apple releases important iPhone, iPad, Mac and Watch security patches

Apple has released a set of security updates for iPhones, iPads, Macs and Watches. There are no new features — but these are updates you will still want to install. As part of these security fixes,

Airlines warn of data breaches after SITA passenger system hack

Global air transport data giant SITA has confirmed a data breach involving passenger data. The company said in a brief statement on Thursday that it had been the “victim of a cyberattack,”

Indian state government website exposed COVID-19 lab test results

A security flaw in a website run by the government of West Bengal in India exposed the lab results of at least hundreds of thousands of residents, though likely millions, who took a COVID-19 test. The

Identiq, a privacy-friendly fraud prevention startup, secures $47M at Series A

Israeli fraud prevention startup Identiq has raised $47 million at Series A as the company eyes international growth, driven in large part by the spike in online spending during the pandemic. The roun

Microsoft says China-backed hackers are exploiting Exchange zero-days

Microsoft is warning customers that a new China state-sponsored threat actor is exploiting four previously undisclosed security flaws in Exchange Server, an enterprise email product built by the softw

Hackers release a new jailbreak tool for almost every iPhone

An iPhone hacking team has released a new jailbreak tool for almost every iPhone, including the most recent models, by using the same vulnerability that Apple last month said was under active attack b

Jamaica’s JamCOVID pulled offline after third security lapse exposed travelers’ data

Jamaica’s JamCOVID app and website were taken offline late on Thursday following a third security lapse, which exposed quarantine orders on more than half a million travelers to the island. JamC

SolarWinds hackers targeted NASA, Federal Aviation Administration networks

Hackers are said to have broken into the networks of U.S. space agency NASA and the Federal Aviation Administration as part of a wider espionage campaign targeting U.S. government agencies and private

Jamaica’s Amber Group fixes second JamCOVID security lapse

Amber Group has fixed a second security lapse that exposed private keys and passwords for the government’s JamCOVID app and website. A security researcher told TechCrunch on Sunday that the Ambe

Data breach warning after California DMV contractor hit by file-stealing ransomware

California’s Department of Motor Vehicles is warning of a potential data breach after a contractor was hit by ransomware. The Seattle-based Automatic Funds Transfer Services (AFTS), which the DM

Jamaica’s immigration website exposed thousands of travelers’ data

A security lapse by a Jamaican government contractor has exposed immigration records and COVID-19 test results for hundreds of thousands of travelers who visited the island over the past year. The Jam

Notion’s hours-long outage was caused by phishing complaints

Last week’s hours-long outage at online workspace startup Notion was caused by phishing complaints, according to the startup’s domain registrar. Notion was offline for most of the morning

Online workspace startup Notion hit by outage, citing DNS issues

Notion, the online workspace startup that was last year valued at over $2 billion, was knocked offline after a DNS outage. The collaborative online office and document service was not loading as of ar

A webcam app left thousands of user accounts exposed online

A webcam app installed by thousands of users left an exposed database packed with user data on the internet without a password. The Elasticsearch database belonged to Adorcam, an app for viewing and c

Ancestry says it fought two police requests to search its DNA database

Consumer genomics company Ancestry has confirmed it fought two U.S. law enforcement requests to access its DNA database in the past six months, but that neither request resulted in turning over custom
Load More