Lorenzo Franceschi-Bicchierai
@lorenzofb.bsky.social
Real-time historian of the late cyber capitalist era @TechCrunch, writing about the intersection of hackers, human rights, and spies.
Also writing a book about Hacking Team and the history of government spyware.
☎️ Signal: +1 917 257 1382
Also writing a book about Hacking Team and the history of government spyware.
☎️ Signal: +1 917 257 1382
Pinned
Do you have any tips about cybersecurity, surveillance, spyware, zero-days...all things cyber?
Contact me here:
☎️ Signal: + 1 917 257 1382
📷Keybase/Telegram: lorenzofb
Contact me here:
☎️ Signal: + 1 917 257 1382
📷Keybase/Telegram: lorenzofb
Reposted by Lorenzo Franceschi-Bicchierai
What. No.
Don't use their language, @newyorker.com that is not even a real word. What the hell is wrong with "flee" or like. "Flee this godforsaken country"
Don't use their language, @newyorker.com that is not even a real word. What the hell is wrong with "flee" or like. "Flee this godforsaken country"
![[email subject line] The New Yorker Daily The Mexican Couple Planning to Self-Deport](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:un7ax3cmaqemchu5tsqnymts/bafkreihkgcfyxr6m2klg63f4wxk5dinyipggr2fz6arzkunbtsduv543wu@jpeg)
December 30, 2025 at 8:37 PM
What. No.
Don't use their language, @newyorker.com that is not even a real word. What the hell is wrong with "flee" or like. "Flee this godforsaken country"
Don't use their language, @newyorker.com that is not even a real word. What the hell is wrong with "flee" or like. "Flee this godforsaken country"
Reposted by Lorenzo Franceschi-Bicchierai
More evidence that the Trump administration is cozying up to cybermercenaries. The Treasury Dept has removed three people closely affiliated with Intellexa, the company that makes Predator, off a sanctions list: therecord.media/treasury-san...
Treasury removes sanctions for three executives tied to spyware maker Intellexa
The Treasury Department on Tuesday took three people closely affiliated with the holding company behind Predator spyware off of a sanctions list, reversing their designation in 2024 by the Biden admin...
therecord.media
December 30, 2025 at 10:36 PM
More evidence that the Trump administration is cozying up to cybermercenaries. The Treasury Dept has removed three people closely affiliated with Intellexa, the company that makes Predator, off a sanctions list: therecord.media/treasury-san...
It’s true, GenAI is gonna change the world. I have no doubts anymore.
“This could look like a user asking how much ibuprofen to take for a headache receiving a promoted ad for Advil in the chatbot’s response. Meanwhile, actual results on correct dosage may be brushed to the side, or buried under a mountain of ad text…”
OpenAI Reportedly Planning to Make ChatGPT "Prioritize" Advertisers in Conversation
OpenAI employees working on ChatGPT report plans to unleash sponsored advertisements above organic results.
futurism.com
December 30, 2025 at 11:22 PM
It’s true, GenAI is gonna change the world. I have no doubts anymore.
👀
⚠️The 🇺🇸U.S. Department of the Treasury has lifted sanctions against three of the five executives with ties to the #Intellexa Consortium - Sara Hamou, Andrea Gambazzi, and Merom Harpaz - that were originally imposed in September 2024.
ofac.treasury.gov/recent-actio...
ofac.treasury.gov/recent-actio...
ofac.treasury.gov
December 30, 2025 at 4:54 PM
👀
Looks like the NSO Group sale is going forward. It will be interesting to see what happens. Will NSO shed all its international and controversial customers to go for the American market?
Top U.S. agencies don’t like providers that also sell outside of the country. At most they tolerate Five Eyes.
Top U.S. agencies don’t like providers that also sell outside of the country. At most they tolerate Five Eyes.
Another similarly named 🇺🇸Delaware company (Hippocrene, LLC) can be linked to Hollywood producer Robert Simonds, who, according to reports, leads a group of US investors that has acquired controlling ownership of #Pegasus maker NSO Group.
December 30, 2025 at 2:51 PM
Looks like the NSO Group sale is going forward. It will be interesting to see what happens. Will NSO shed all its international and controversial customers to go for the American market?
Top U.S. agencies don’t like providers that also sell outside of the country. At most they tolerate Five Eyes.
Top U.S. agencies don’t like providers that also sell outside of the country. At most they tolerate Five Eyes.
For some reason I thought about Aloria today.
She was an inspiring woman, and this quote about her mental health struggles will always stick with me: “It’s a long hard road ahead sometimes, but that doesn’t mean that the journey isn’t going somewhere, and it isn’t worthwhile.”
A powerful reminder.
She was an inspiring woman, and this quote about her mental health struggles will always stick with me: “It’s a long hard road ahead sometimes, but that doesn’t mean that the journey isn’t going somewhere, and it isn’t worthwhile.”
A powerful reminder.
Beloved hacking veteran Kelly ‘Aloria’ Lum passes away at 41 | TechCrunch
Kelly "Aloria" Lum was 41 when she passed away in New York City. She was a beloved member of the cybersecurity community, particularly in the city.
techcrunch.com
December 30, 2025 at 12:32 PM
For some reason I thought about Aloria today.
She was an inspiring woman, and this quote about her mental health struggles will always stick with me: “It’s a long hard road ahead sometimes, but that doesn’t mean that the journey isn’t going somewhere, and it isn’t worthwhile.”
A powerful reminder.
She was an inspiring woman, and this quote about her mental health struggles will always stick with me: “It’s a long hard road ahead sometimes, but that doesn’t mean that the journey isn’t going somewhere, and it isn’t worthwhile.”
A powerful reminder.
NEW: Apple, Google, and WhatsApp now regularly notify their users if they suspect they have been targeted or hacked with government spyware, such as that made by NSO Group or Paragon.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
You've been targeted by government spyware. Now what? | TechCrunch
Tech companies are increasingly warning their customers that they have been targeted by governments with advanced government spyware, such as NSO's Pegasus or Paragon's Graphite. What happens after re...
techcrunch.com
December 29, 2025 at 4:27 PM
NEW: Apple, Google, and WhatsApp now regularly notify their users if they suspect they have been targeted or hacked with government spyware, such as that made by NSO Group or Paragon.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
NEW: Meet the folks at AccessNow's Digital Security Helpline, who have been investigating government spyware for more than a decade, helping journalists and dissidents all over the world.
I spoke to Hassen Selmi, who heads the incident response team, to learn how his team fights spyware abuses.
I spoke to Hassen Selmi, who heads the incident response team, to learn how his team fights spyware abuses.
Meet the team that hunts government spyware
For years, Access Now’s Digital Security Helpline has been aiding journalists and dissidents who have been targeted with government spyware. This is how they operate.
techcrunch.com
December 27, 2025 at 6:52 PM
NEW: Meet the folks at AccessNow's Digital Security Helpline, who have been investigating government spyware for more than a decade, helping journalists and dissidents all over the world.
I spoke to Hassen Selmi, who heads the incident response team, to learn how his team fights spyware abuses.
I spoke to Hassen Selmi, who heads the incident response team, to learn how his team fights spyware abuses.
The FIFA peace prize President everybody.
First-ever US airstrikes in Nigeria put the second Trump admin’s 2025 combat actions at:
—Nigeria—tonight’s strikes
—Yemen—1,000+ strikes (Mar-Apr)
—Somalia—120 strikes, 1 ground raid
—Syria—78+ strikes, 3 ground raids
—Caribbean—11 strikes
—Eastern Pacific—20 strikes
—Iran—3 strikes
—Iraq—1 strike
—Nigeria—tonight’s strikes
—Yemen—1,000+ strikes (Mar-Apr)
—Somalia—120 strikes, 1 ground raid
—Syria—78+ strikes, 3 ground raids
—Caribbean—11 strikes
—Eastern Pacific—20 strikes
—Iran—3 strikes
—Iraq—1 strike
December 26, 2025 at 11:34 PM
The FIFA peace prize President everybody.
I am a total fanboy so not very objective, BUT! If there is a time and place for a great Matrix spinoff that is a criticism of the AI industry is right now. If you watched the Animatrix you know how rich that universe is. We just need someone to jack back into it.
December 26, 2025 at 10:47 PM
I am a total fanboy so not very objective, BUT! If there is a time and place for a great Matrix spinoff that is a criticism of the AI industry is right now. If you watched the Animatrix you know how rich that universe is. We just need someone to jack back into it.
Reposted by Lorenzo Franceschi-Bicchierai
New, by @lorenzofb.bsky.social and me: We just published TechCrunch's annual jealousy list of cybersecurity stories that we *didn’t* publish but wish we had. This is the very best cybersecuirty reporting from our friends at competing publications.
techcrunch.com/2025/12/26/t...
techcrunch.com/2025/12/26/t...
These are the cybersecurity stories we were jealous of in 2025 | TechCrunch
The very best reporting and investigative journalism from our friends at other publications.
techcrunch.com
December 26, 2025 at 2:26 PM
New, by @lorenzofb.bsky.social and me: We just published TechCrunch's annual jealousy list of cybersecurity stories that we *didn’t* publish but wish we had. This is the very best cybersecuirty reporting from our friends at competing publications.
techcrunch.com/2025/12/26/t...
techcrunch.com/2025/12/26/t...
Out of curiosity, thinking that perhaps I missed something important or interesting, I searched for “Hacking Team” on YouTube and found this video.
I watched only 2 minutes, which are full of made up stuff presented as facts. Now I wonder if the script was AI generated. It has been 200k views.
I watched only 2 minutes, which are full of made up stuff presented as facts. Now I wonder if the script was AI generated. It has been 200k views.
The Hacker Who Destroyed a Spying Empire
YouTube video by Blackfiles
www.youtube.com
December 26, 2025 at 12:15 PM
Out of curiosity, thinking that perhaps I missed something important or interesting, I searched for “Hacking Team” on YouTube and found this video.
I watched only 2 minutes, which are full of made up stuff presented as facts. Now I wonder if the script was AI generated. It has been 200k views.
I watched only 2 minutes, which are full of made up stuff presented as facts. Now I wonder if the script was AI generated. It has been 200k views.
NEW: Hackers stole more than $2.7 billion in crypto last year, according to multiple blockchain monitoring companies.
North Korea alone stole 2 of those billions, thanks to the jackpot of the Bybit hack, which netted them $1.4 billion.
techcrunch.com/2025/12/23/h...
North Korea alone stole 2 of those billions, thanks to the jackpot of the Bybit hack, which netted them $1.4 billion.
techcrunch.com/2025/12/23/h...
Hackers stole over $2.7B in crypto in 2025, data shows | TechCrunch
2025 was another banner year for crypto hacks and heists, the third year in a row that a new crypto theft record was set.
techcrunch.com
December 23, 2025 at 7:10 PM
NEW: Hackers stole more than $2.7 billion in crypto last year, according to multiple blockchain monitoring companies.
North Korea alone stole 2 of those billions, thanks to the jackpot of the Bybit hack, which netted them $1.4 billion.
techcrunch.com/2025/12/23/h...
North Korea alone stole 2 of those billions, thanks to the jackpot of the Bybit hack, which netted them $1.4 billion.
techcrunch.com/2025/12/23/h...
NEW: U.S. insurance giant Aflac says its June data breach affected 22.6 million people.
The hackers, the company says, stole data such as Social Security numbers, government IDs, and health information.
techcrunch.com/2025/12/23/u...
The hackers, the company says, stole data such as Social Security numbers, government IDs, and health information.
techcrunch.com/2025/12/23/u...
US insurance giant Aflac says hackers stole personal data of 22.6 million | TechCrunch
Aflac, one of the largest insurance companies in the U.S., confirmed hackers stole reams of personal data, including Social Security numbers, identity documents, and health information.
techcrunch.com
December 23, 2025 at 5:15 PM
NEW: U.S. insurance giant Aflac says its June data breach affected 22.6 million people.
The hackers, the company says, stole data such as Social Security numbers, government IDs, and health information.
techcrunch.com/2025/12/23/u...
The hackers, the company says, stole data such as Social Security numbers, government IDs, and health information.
techcrunch.com/2025/12/23/u...
What's up with all these "secret location" Barcelona offensive cybersecurity conferences?
December 23, 2025 at 4:39 PM
What's up with all these "secret location" Barcelona offensive cybersecurity conferences?
NEW: La Poste, France's postal and banking services company, hit by a suspected Distributed Denial of Service attack.
The postal service called the incident “a major network incident” that was disrupting “all of our information systems.”
techcrunch.com/2025/12/23/f...
The postal service called the incident “a major network incident” that was disrupting “all of our information systems.”
techcrunch.com/2025/12/23/f...
France's postal and banking services disrupted by suspected DDoS attack | TechCrunch
France's postal service, La Poste, said it was hit by a disruptive cyberattack that knocked its services offline.
techcrunch.com
December 23, 2025 at 3:44 PM
NEW: La Poste, France's postal and banking services company, hit by a suspected Distributed Denial of Service attack.
The postal service called the incident “a major network incident” that was disrupting “all of our information systems.”
techcrunch.com/2025/12/23/f...
The postal service called the incident “a major network incident” that was disrupting “all of our information systems.”
techcrunch.com/2025/12/23/f...
Reposted by Lorenzo Franceschi-Bicchierai
NEW, by me: Uzbekistan publicly exposed its nationwide license plate surveillance system, no password needed.
The system reveals a hundred locations where banks of cameras have been placed, including cities and rural areas; and contains raw video footage of millions of vehicles and their occupants.
The system reveals a hundred locations where banks of cameras have been placed, including cities and rural areas; and contains raw video footage of millions of vehicles and their occupants.
Exclusive: Inside Uzbekistan's nationwide license plate surveillance system
The Uzbek government's national license plate scanning system was discovered exposed to the internet for anyone to access without a password.
techcrunch.com
December 23, 2025 at 3:09 PM
NEW, by me: Uzbekistan publicly exposed its nationwide license plate surveillance system, no password needed.
The system reveals a hundred locations where banks of cameras have been placed, including cities and rural areas; and contains raw video footage of millions of vehicles and their occupants.
The system reveals a hundred locations where banks of cameras have been placed, including cities and rural areas; and contains raw video footage of millions of vehicles and their occupants.
Reposted by Lorenzo Franceschi-Bicchierai
This is 404 Media's @jasonkoebler.bsky.social waving at himself through a Flock camera; one of 60 we learned was left exposed to the open internet. Not only could anyone with a link livestream it, but some admin portals were open with no login credentials required.
www.404media.co/flock-expose...
www.404media.co/flock-expose...
December 22, 2025 at 4:37 PM
This is 404 Media's @jasonkoebler.bsky.social waving at himself through a Flock camera; one of 60 we learned was left exposed to the open internet. Not only could anyone with a link livestream it, but some admin portals were open with no login credentials required.
www.404media.co/flock-expose...
www.404media.co/flock-expose...
Reposted by Lorenzo Franceschi-Bicchierai
Tomorrow's edition of my weekly cybersecurity newsletter this.weekinsecurity.com is a very busy, very special, awesome dispatch for the holiday season.
Featuring all the cyber news you need to know but might've missed, plus a festive cyber-cat, and more.
Sign up/RSS! No email open/link tracking. 🐈⬛
Featuring all the cyber news you need to know but might've missed, plus a festive cyber-cat, and more.
Sign up/RSS! No email open/link tracking. 🐈⬛
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
December 21, 2025 at 3:24 AM
Tomorrow's edition of my weekly cybersecurity newsletter this.weekinsecurity.com is a very busy, very special, awesome dispatch for the holiday season.
Featuring all the cyber news you need to know but might've missed, plus a festive cyber-cat, and more.
Sign up/RSS! No email open/link tracking. 🐈⬛
Featuring all the cyber news you need to know but might've missed, plus a festive cyber-cat, and more.
Sign up/RSS! No email open/link tracking. 🐈⬛
Reposted by Lorenzo Franceschi-Bicchierai
Online casino and betting site Stake emailed customers saying their personal data was stolen in Mixpanel's breach. Stake says usernames, email addresses, dates of birth & phone numbers were compromised.
That's OpenAI, CoinTracker, CoinLedger, SwissBorg, SoundCloud, Pornhub & Stake affected so far.
That's OpenAI, CoinTracker, CoinLedger, SwissBorg, SoundCloud, Pornhub & Stake affected so far.
With news that the data breach at web and phone analytics giant Mixpanel includes the viewing habits of Pornhub users, here's my TechCrunch story from early December about why this data breach is a big deal — and what sort of data Mixpanel tracks about millions of ordinary people every day.
A data breach at analytics giant Mixpanel leaves a lot of open questions | TechCrunch
We sent over a dozen questions to Mixpanel's CEO about the company's data breach. Here's what we want to know.
techcrunch.com
December 19, 2025 at 1:46 PM
Online casino and betting site Stake emailed customers saying their personal data was stolen in Mixpanel's breach. Stake says usernames, email addresses, dates of birth & phone numbers were compromised.
That's OpenAI, CoinTracker, CoinLedger, SwissBorg, SoundCloud, Pornhub & Stake affected so far.
That's OpenAI, CoinTracker, CoinLedger, SwissBorg, SoundCloud, Pornhub & Stake affected so far.
NEW: Researchers say hundreds of Cisco customers are vulnerable to the newly revealed Chinese government-backed hacking campaign.
It appears the attacks right now “are targeted,” according to Shadowserver’s chief executive Piotr Kijewski. Censys for now only sees 220 exposed systems.
It appears the attacks right now “are targeted,” according to Shadowserver’s chief executive Piotr Kijewski. Censys for now only sees 220 exposed systems.
Hundreds of Cisco customers are vulnerable to new Chinese hacking campaign, researchers say | TechCrunch
Cisco warned that Chinese government hackers are exploiting a zero-day in some of its products. Researchers now say there are hundreds of vulnerable Cisco customers.
techcrunch.com
December 19, 2025 at 8:15 PM
NEW: Researchers say hundreds of Cisco customers are vulnerable to the newly revealed Chinese government-backed hacking campaign.
It appears the attacks right now “are targeted,” according to Shadowserver’s chief executive Piotr Kijewski. Censys for now only sees 220 exposed systems.
It appears the attacks right now “are targeted,” according to Shadowserver’s chief executive Piotr Kijewski. Censys for now only sees 220 exposed systems.
Apple was very smart to send Ivan Krstić, who's been fighting spyware and exploit makers for years now, to Hexacon, a conference attended by a lot of spyware and exploit makers.
www.youtube.com/watch?v=Du8B...
www.youtube.com/watch?v=Du8B...
HEXACON 2025 - Keynote by Ivan Krstić
YouTube video by Hexacon
www.youtube.com
December 19, 2025 at 3:33 PM
Apple was very smart to send Ivan Krstić, who's been fighting spyware and exploit makers for years now, to Hexacon, a conference attended by a lot of spyware and exploit makers.
www.youtube.com/watch?v=Du8B...
www.youtube.com/watch?v=Du8B...
As every year, 2025 was a dumpster fire of data breaches, disruptive cyberattacks, and damaging hacks.
Here's our annual look back at the worst cybersecurity incidents of the year.
techcrunch.com/2025/12/19/h...
Here's our annual look back at the worst cybersecurity incidents of the year.
techcrunch.com/2025/12/19/h...
Hacks, thefts and disruption: The worst data breaches of 2025 | TechCrunch
TechCrunch looks back at the biggest data breaches, disruptive cyberattacks, and damaging hacks of 2025, from the raiding of U.S. government databases to a hack every month in South Korea.
techcrunch.com
December 19, 2025 at 2:58 PM
As every year, 2025 was a dumpster fire of data breaches, disruptive cyberattacks, and damaging hacks.
Here's our annual look back at the worst cybersecurity incidents of the year.
techcrunch.com/2025/12/19/h...
Here's our annual look back at the worst cybersecurity incidents of the year.
techcrunch.com/2025/12/19/h...
NEW: British healthcare technology provider DXS International, which sells to the National Health Service (NHS), disclosed a data breach today.
Earlier this week, ransomware gang DevMan took credit for hacking the company, claiming to have stolen 300 gigabytes.
Earlier this week, ransomware gang DevMan took credit for hacking the company, claiming to have stolen 300 gigabytes.
Tech provider for NHS England confirms data breach | TechCrunch
U.K.-based healthcare tech provider DXS International said it discovered and contained a data breach on Sunday. A ransomware gang took credit for the breach.
techcrunch.com
December 18, 2025 at 4:12 PM
NEW: British healthcare technology provider DXS International, which sells to the National Health Service (NHS), disclosed a data breach today.
Earlier this week, ransomware gang DevMan took credit for hacking the company, claiming to have stolen 300 gigabytes.
Earlier this week, ransomware gang DevMan took credit for hacking the company, claiming to have stolen 300 gigabytes.
NEW: Cisco discovered a Chinese hacking campaign targeting an unknown number of customers.
The hackers have been exploiting a zero-day in some of Cisco's most popular products "since at least late November 2025," the company said.
There is no patch available at this point.
The hackers have been exploiting a zero-day in some of Cisco's most popular products "since at least late November 2025," the company said.
There is no patch available at this point.
Cisco says Chinese hackers are exploiting its customers with a new zero-day | TechCrunch
Cisco said it discovered a Chinese hacking campaign targeting its customers by exploiting a zero-day in some of the company's most popular products.
techcrunch.com
December 17, 2025 at 7:00 PM
NEW: Cisco discovered a Chinese hacking campaign targeting an unknown number of customers.
The hackers have been exploiting a zero-day in some of Cisco's most popular products "since at least late November 2025," the company said.
There is no patch available at this point.
The hackers have been exploiting a zero-day in some of Cisco's most popular products "since at least late November 2025," the company said.
There is no patch available at this point.