Zack Whittaker
@zackwhittaker.com
Security editor, TechCrunch
Signal: zackwhittaker.1337
My stories: techcrunch.com/author/zack-whittaker
My newsletter/blog: this.weekinsecurity.com
Signal: zackwhittaker.1337
My stories: techcrunch.com/author/zack-whittaker
My newsletter/blog: this.weekinsecurity.com
Reposted by Zack Whittaker
I will continue to argue that these surveillance companies are overplaying their hand with all this dystopian shit. They don’t imagine a world where people reject it and their vision of the future.
February 9, 2026 at 11:04 PM
I will continue to argue that these surveillance companies are overplaying their hand with all this dystopian shit. They don’t imagine a world where people reject it and their vision of the future.
Reposted by Zack Whittaker
I finally have a newsletter!
It's called The Fine Print* and I'll be writing about tech, media, politics, consumer rights (and whatever else I damn-well please).
It's free, but if you have disposable income, you can support independent reporting for just $50/year or $4/month.
It's called The Fine Print* and I'll be writing about tech, media, politics, consumer rights (and whatever else I damn-well please).
It's free, but if you have disposable income, you can support independent reporting for just $50/year or $4/month.
The Fine Print*
A newsletter by Karl Bode covering tech, media, politics, and consumer rights.
karlbode.com
February 9, 2026 at 6:01 PM
I finally have a newsletter!
It's called The Fine Print* and I'll be writing about tech, media, politics, consumer rights (and whatever else I damn-well please).
It's free, but if you have disposable income, you can support independent reporting for just $50/year or $4/month.
It's called The Fine Print* and I'll be writing about tech, media, politics, consumer rights (and whatever else I damn-well please).
It's free, but if you have disposable income, you can support independent reporting for just $50/year or $4/month.
Reposted by Zack Whittaker
In 1943, musician Woody Guthrie placed a message on his guitar: "This machine kills fascists."
I am part of a group that's shipped half a million free 3D-printed whistles to defend against ICE — 200,000 of them in the first week of February alone.
This is the story of the "Whistle Crew."
I am part of a group that's shipped half a million free 3D-printed whistles to defend against ICE — 200,000 of them in the first week of February alone.
This is the story of the "Whistle Crew."
This whistle fights fascists
I print whistles now. You can too.
www.theverge.com
February 9, 2026 at 6:38 PM
In 1943, musician Woody Guthrie placed a message on his guitar: "This machine kills fascists."
I am part of a group that's shipped half a million free 3D-printed whistles to defend against ICE — 200,000 of them in the first week of February alone.
This is the story of the "Whistle Crew."
I am part of a group that's shipped half a million free 3D-printed whistles to defend against ICE — 200,000 of them in the first week of February alone.
This is the story of the "Whistle Crew."
Reposted by Zack Whittaker
SCOOP: A hacktivist has scraped more than half a million payment records from a company that makes consumer-grade spyware and other phone tracking apps, exposing customers' email addresses and partial card numbers. TechCrunch verified the scraped data is authentic.
By @lorenzofb.bsky.social and me:
By @lorenzofb.bsky.social and me:
Exclusive: Hacktivist scrapes over 500,000 stalkerware customers' payment records
More than half-a-million people who bought access to phone surveillance and social media snooping apps had their email address and partial payment card numbers published online.
techcrunch.com
February 9, 2026 at 4:25 PM
SCOOP: A hacktivist has scraped more than half a million payment records from a company that makes consumer-grade spyware and other phone tracking apps, exposing customers' email addresses and partial card numbers. TechCrunch verified the scraped data is authentic.
By @lorenzofb.bsky.social and me:
By @lorenzofb.bsky.social and me:
“Your data is yours and yours always,” said Oura CEO Tom Hale.
This doesn't mean... anything? Oura data *isn't* end-to-end encrypted, it's stored in a way that allows Oura *staff* to access sensitive health data, and Oura's spokesperson has admitted it has received government demands for user data!
This doesn't mean... anything? Oura data *isn't* end-to-end encrypted, it's stored in a way that allows Oura *staff* to access sensitive health data, and Oura's spokesperson has admitted it has received government demands for user data!
February 9, 2026 at 2:16 PM
“Your data is yours and yours always,” said Oura CEO Tom Hale.
This doesn't mean... anything? Oura data *isn't* end-to-end encrypted, it's stored in a way that allows Oura *staff* to access sensitive health data, and Oura's spokesperson has admitted it has received government demands for user data!
This doesn't mean... anything? Oura data *isn't* end-to-end encrypted, it's stored in a way that allows Oura *staff* to access sensitive health data, and Oura's spokesperson has admitted it has received government demands for user data!
A good thread from a privacy hawk who's been raising awareness about Ring's surveillance and law enforcement connections for years.
Ok, you can stop texting me, I saw the Ring ad. Troubling things about it 🧵:
-The long awaited (much warned about) intro of “AI” recognition. It starts w/ searching for a “brown dog” but means the tech is there for lisence plate reading, face recognition, searching for suspects by description, etc
-The long awaited (much warned about) intro of “AI” recognition. It starts w/ searching for a “brown dog” but means the tech is there for lisence plate reading, face recognition, searching for suspects by description, etc
February 9, 2026 at 1:42 PM
A good thread from a privacy hawk who's been raising awareness about Ring's surveillance and law enforcement connections for years.
And my latest this.weekinsecurity.com newsletter is now out, featuring stories on: Moltbook's launch and security meltdown; Homeland Security demands tech firms unmask Trump critics; a bunch of data breaches, our legal & criminal threats survey results, and much more. Plus, a brand new cyber-cat.
this week in security — february 8 2026 edition
Moltbook security lapse on launch, China hijacked Notepad++ updates for months, DHS demands tech firms unmask Trump critics, many data breaches, and more.
this.weekinsecurity.com
February 8, 2026 at 4:28 PM
And my latest this.weekinsecurity.com newsletter is now out, featuring stories on: Moltbook's launch and security meltdown; Homeland Security demands tech firms unmask Trump critics; a bunch of data breaches, our legal & criminal threats survey results, and much more. Plus, a brand new cyber-cat.
Reposted by Zack Whittaker
My newsletter this.weekinsecurity.com features all of the most important cybersecurity news, analysis, and reporting that you need to know so you can stay ahead. Plus, good news and a reader-submitted cyber-cat. No email link/open tracking!
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
February 7, 2026 at 1:42 PM
My newsletter this.weekinsecurity.com features all of the most important cybersecurity news, analysis, and reporting that you need to know so you can stay ahead. Plus, good news and a reader-submitted cyber-cat. No email link/open tracking!
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
The world is on fire, but here's a nice thing. A few months ago, a pigeon laid two eggs under our outdoor furniture on our balcony. We put a camera in there to keep an eye. The eggs hatched, survived, grew up, flapped their wings, and left the nest. :) Here's what happened & what we learned.
February 8, 2026 at 12:42 AM
The world is on fire, but here's a nice thing. A few months ago, a pigeon laid two eggs under our outdoor furniture on our balcony. We put a camera in there to keep an eye. The eggs hatched, survived, grew up, flapped their wings, and left the nest. :) Here's what happened & what we learned.
Reposted by Zack Whittaker
Dutch data protection agency was hacked via the two recent Ivanti zero-days disclosed earlier this month
www.tweedekamer.nl/kamerstukken...
www.tweedekamer.nl/kamerstukken...
February 7, 2026 at 10:24 PM
Dutch data protection agency was hacked via the two recent Ivanti zero-days disclosed earlier this month
www.tweedekamer.nl/kamerstukken...
www.tweedekamer.nl/kamerstukken...
Reposted by Zack Whittaker
@zackwhittaker.com s newsletter and the risky.biz podcast source about 98% of current cybersecurity news for me in varying depth and with further resources.
Check it out!
Check it out!
My newsletter this.weekinsecurity.com features all of the most important cybersecurity news, analysis, and reporting that you need to know so you can stay ahead. Plus, good news and a reader-submitted cyber-cat. No email link/open tracking!
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
February 7, 2026 at 4:05 PM
@zackwhittaker.com s newsletter and the risky.biz podcast source about 98% of current cybersecurity news for me in varying depth and with further resources.
Check it out!
Check it out!
Reposted by Zack Whittaker
I’ve said this before, but it bears repeating:
@zackwhittaker.com’s newsletter is a must read! I spend my days knee-deep in the ransomware muck, but there are a bunch of other crimes happening.
This Week in Security provides an overview of everything & helps me cover my blind spots.
Plus 🐈 🐈⬛s!
@zackwhittaker.com’s newsletter is a must read! I spend my days knee-deep in the ransomware muck, but there are a bunch of other crimes happening.
This Week in Security provides an overview of everything & helps me cover my blind spots.
Plus 🐈 🐈⬛s!
My newsletter this.weekinsecurity.com features all of the most important cybersecurity news, analysis, and reporting that you need to know so you can stay ahead. Plus, good news and a reader-submitted cyber-cat. No email link/open tracking!
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
February 7, 2026 at 2:30 PM
I’ve said this before, but it bears repeating:
@zackwhittaker.com’s newsletter is a must read! I spend my days knee-deep in the ransomware muck, but there are a bunch of other crimes happening.
This Week in Security provides an overview of everything & helps me cover my blind spots.
Plus 🐈 🐈⬛s!
@zackwhittaker.com’s newsletter is a must read! I spend my days knee-deep in the ransomware muck, but there are a bunch of other crimes happening.
This Week in Security provides an overview of everything & helps me cover my blind spots.
Plus 🐈 🐈⬛s!
Reposted by Zack Whittaker
If I haven’t said this a few times: @zackwhittaker.com is a truly brilliant reporter and mind in cybersecurity and this newsletter is the only thing I read to fully catch up on what I needed to know in the field if I was out on vacation for a week. You should be doing the Patreon thing here.
My newsletter this.weekinsecurity.com features all of the most important cybersecurity news, analysis, and reporting that you need to know so you can stay ahead. Plus, good news and a reader-submitted cyber-cat. No email link/open tracking!
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
February 7, 2026 at 2:36 PM
If I haven’t said this a few times: @zackwhittaker.com is a truly brilliant reporter and mind in cybersecurity and this newsletter is the only thing I read to fully catch up on what I needed to know in the field if I was out on vacation for a week. You should be doing the Patreon thing here.
My newsletter this.weekinsecurity.com features all of the most important cybersecurity news, analysis, and reporting that you need to know so you can stay ahead. Plus, good news and a reader-submitted cyber-cat. No email link/open tracking!
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
February 7, 2026 at 1:42 PM
My newsletter this.weekinsecurity.com features all of the most important cybersecurity news, analysis, and reporting that you need to know so you can stay ahead. Plus, good news and a reader-submitted cyber-cat. No email link/open tracking!
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
Reposted by Zack Whittaker
Here's a story I tried to write for 6 years, and one that took a sharp turn due to the Epstein files.
It's about a man who, until these files, was a near-total ghost.
He was an investor in EV startup Canoo. But he was also, apparently, Epstein's business partner.
techcrunch.com/2026/02/06/p...
It's about a man who, until these files, was a near-total ghost.
He was an investor in EV startup Canoo. But he was also, apparently, Epstein's business partner.
techcrunch.com/2026/02/06/p...
Prince Andrew advisor pitched Jeffrey Epstein on investing in EV startups like Lucid Motors | TechCrunch
The mysterious businessman pitched Jeffrey Epstein on numerous mobility startups in an era when the sector was white hot, according to TechCrunch's review of hundreds of documents released by the Depa...
techcrunch.com
February 6, 2026 at 9:27 PM
Here's a story I tried to write for 6 years, and one that took a sharp turn due to the Epstein files.
It's about a man who, until these files, was a near-total ghost.
He was an investor in EV startup Canoo. But he was also, apparently, Epstein's business partner.
techcrunch.com/2026/02/06/p...
It's about a man who, until these files, was a near-total ghost.
He was an investor in EV startup Canoo. But he was also, apparently, Epstein's business partner.
techcrunch.com/2026/02/06/p...
Reposted by Zack Whittaker
HAPPENING NOW: DHS just expedited Liam Conejo Ramos' asylum hearing to this morning, meaning it's possible the five-year-old and his family could be deported as soon as today.
Rep. Joaquin Castro: "The Trump administration is trying to take him away again." www.huffpost.com/entry/trump-...
Rep. Joaquin Castro: "The Trump administration is trying to take him away again." www.huffpost.com/entry/trump-...
Five-Year-Old Liam Ramos Is In His Asylum Hearing Right Now
www.huffpost.com
February 6, 2026 at 7:05 PM
HAPPENING NOW: DHS just expedited Liam Conejo Ramos' asylum hearing to this morning, meaning it's possible the five-year-old and his family could be deported as soon as today.
Rep. Joaquin Castro: "The Trump administration is trying to take him away again." www.huffpost.com/entry/trump-...
Rep. Joaquin Castro: "The Trump administration is trying to take him away again." www.huffpost.com/entry/trump-...
New, by me: I wrote some words for TechCrunch about Sen. Ron Wyden's recent unclassified letter to the CIA director, citing his "deep concerns" about the agency's activities. This isn't the first time Wyden has sounded his "siren" — and history tells us why this new letter is likely a big deal.
Senator, who has repeatedly warned about secret U.S. government surveillance, sounds new alarm over 'CIA activities' | TechCrunch
The two-line letter to the CIA's director is the latest warning in recent years from a long-serving Democratic senator with knowledge of secret government programs and intelligence operations.
techcrunch.com
February 6, 2026 at 6:09 PM
New, by me: I wrote some words for TechCrunch about Sen. Ron Wyden's recent unclassified letter to the CIA director, citing his "deep concerns" about the agency's activities. This isn't the first time Wyden has sounded his "siren" — and history tells us why this new letter is likely a big deal.
Reposted by Zack Whittaker
If you've been laid off by the Washington Post this week and have any questions re: digital security, please email me on runa@granitt.io. I'll help you pro-bono for the rest of the month.
February 6, 2026 at 4:00 PM
If you've been laid off by the Washington Post this week and have any questions re: digital security, please email me on runa@granitt.io. I'll help you pro-bono for the rest of the month.
Reposted by Zack Whittaker
The extent to which this administration personally targets and continues the assault on people who embarrass and shame it is particularly despicable.
BREAKING: The federal government has filed a motion seeking to end asylum claims for the family of Liam Conejo Ramos, according to the lawyer representing the family.
DHS has requested expedited deportation proceedings against family of Liam Conejo Ramos
The federal government has filed a motion seeking to end asylum claims for the family of Liam Conejo Ramos, according to the lawyer representing the family.
www.mprnews.org
February 6, 2026 at 3:04 AM
The extent to which this administration personally targets and continues the assault on people who embarrass and shame it is particularly despicable.
Reposted by Zack Whittaker
NEW: Records reviewed by WIRED show DHS’s facial recognition app (Mobile Fortify) isn’t designed to actually "verify" identity—despite DHS claims and its agents relying on its matches to support probable cause in the field.
ICE and CBP’s Face-Recognition App Can’t Actually Verify Who People Are
ICE has used Mobile Fortify to identify immigrants and citizens alike over 100,000 times, by one estimate. It wasn't built to work like that—and only got approved after DHS abandoned its own privacy r...
www.wired.com
February 5, 2026 at 8:29 PM
NEW: Records reviewed by WIRED show DHS’s facial recognition app (Mobile Fortify) isn’t designed to actually "verify" identity—despite DHS claims and its agents relying on its matches to support probable cause in the field.
Reposted by Zack Whittaker
The Department of Homeland Security is using administrative subpoenas, a secretive tool issued without a judge's signature, to go after people lawfully reporting ICE activity or criticizing DHS policies.
This is a direct attack on our First Amendment rights and we're fighting back.
This is a direct attack on our First Amendment rights and we're fighting back.
Homeland Security is trying to force tech companies to hand over data about Trump critics | TechCrunch
The use of administrative subpoenas, which are not subject to judicial oversight, are used to demand a wealth of information from tech companies, including the owners of anonymous online accounts documenting ICE operations.
techcrunch.com
February 5, 2026 at 9:33 PM
The Department of Homeland Security is using administrative subpoenas, a secretive tool issued without a judge's signature, to go after people lawfully reporting ICE activity or criticizing DHS policies.
This is a direct attack on our First Amendment rights and we're fighting back.
This is a direct attack on our First Amendment rights and we're fighting back.
Reposted by Zack Whittaker
NEW: An alleged ransomware attack has taken the computer systems of one of the largest universities in Europe offline for three days.
La Sapienza university in Rome is still working to restore the systems, and the hackers behind the attack are reportedly a new ransomware gang called Femwar02.
La Sapienza university in Rome is still working to restore the systems, and the hackers behind the attack are reportedly a new ransomware gang called Femwar02.
One of Europe's largest universities knocked offline for days after cyberattack | TechCrunch
An alleged ransomware attack has taken down the systems of the Sapienza University of Rome.
techcrunch.com
February 5, 2026 at 7:03 PM
NEW: An alleged ransomware attack has taken the computer systems of one of the largest universities in Europe offline for three days.
La Sapienza university in Rome is still working to restore the systems, and the hackers behind the attack are reportedly a new ransomware gang called Femwar02.
La Sapienza university in Rome is still working to restore the systems, and the hackers behind the attack are reportedly a new ransomware gang called Femwar02.
Reposted by Zack Whittaker
Wrote about some of the history of the Wyden Siren from @wyden.senate.gov and why we should take it VERY seriously when he sends a cryptic letter like he did yesterday.
The Wyden Siren: Senator’s Cryptic CIA Letter Follows A Pattern That’s Never Been Wrong
If you've been paying attention to surveillance and civil liberties issues over the past fifteen years, you've likely learned to recognize a particular pattern. Senator Ron Wyden will occasionally send a public…
If you've been paying attention to surveillance and civil liberties issues over the past fifteen years, you've likely learned to recognize a particular pattern. Senator Ron Wyden will occasionally send a public…
The Wyden Siren: Senator’s Cryptic CIA Letter Follows A Pattern That’s Never Been Wrong
If you've been paying attention to surveillance and civil liberties issues over the past fifteen years, you've likely learned to recognize a particular pattern. Senator Ron Wyden will occasionally send a public letter that essentially says "hey, I can't tell you what's happening because it's classified, but something really bad is going on and you should all be paying attention."
www.techdirt.com
February 5, 2026 at 6:25 PM
Wrote about some of the history of the Wyden Siren from @wyden.senate.gov and why we should take it VERY seriously when he sends a cryptic letter like he did yesterday.
NEW: Govtech giant Conduent says a 2025 data breach now affects far more people than first disclosed, with the number of victims who had personal and medical data stolen stretching to tens of millions of people across the United States.
Conduent says its business supports 100+ million people.
Conduent says its business supports 100+ million people.
Data breach at govtech giant Conduent balloons, affecting millions more Americans | TechCrunch
The ransomware attack at Conduent allowed hackers to steal a "significant number of individuals’ personal information" from the govtech giant's systems. Conduent handles personal and health data of mo...
techcrunch.com
February 5, 2026 at 3:30 PM
NEW: Govtech giant Conduent says a 2025 data breach now affects far more people than first disclosed, with the number of victims who had personal and medical data stolen stretching to tens of millions of people across the United States.
Conduent says its business supports 100+ million people.
Conduent says its business supports 100+ million people.