this week in security — january 11 2026 edition
pcTattletale founder guilty, hackers breach New Zealanders' health data, Iran cuts off internet amid protests, Instagram data leak, Flock security lapse, and more.
ClickFix attacks are increasingly devious, dangerous, and can hack you in an instant
These attacks spoof Windows errors, CAPTCHAs, and real login pages to trick victims into hacking themselves with malware that skirts common cyber defenses.
this week in security — january 4 2026 edition
MongoBleed bug exploited globally, U.S. lifts sanctions on spyware executives, calls for digital independence from Silicon Valley, Kimwolf's huge botnet, and more.
this week in security — december 21 2025 edition
Mixpanel breach spreads to Pornhub; new Cisco zero-day under attack; French and U.K. governments hacked; TV makers sued for taking screenshots; and more.
Are you a security researcher or journalist? Working in partnership, this week in security and DataBreaches.net want to hear from you about your experiences facing or receiving legal demands and criminal threats as part of your research or reporting. We hope to learn more about how threats affect cybersecurity research and the journalism process.
Responses can be anonymous. Please take our survey (and please share!)
Apple nuking a customer's account over a bad gift card is a warning for everyone
One long-time Apple customer was left with no recourse after a bad gift card triggered a full account and device lock-out.
this week in security — december 14 2025 edition
U.S. wants travelers to submit social media history; Petco's lapses exposed data; tech giants patch zero-days; Coupang CEO resigns after breach; and more
Last-minute cybersecurity and privacy gifts your friends and family won't hate
Running out of gift ideas for the security or privacy buff in your life? Here are some thoughtful suggestions, including what tech you might want to avoid.
this week in security — december 7 2025 edition
India scraps mandatory phone app, Coupang breach rocks South Korea, critical React and Next.js bug under attack, Brickstorm malware warning, and more.
I've investigated 'stalkerware' for five years. Here's what I've learned
Stalkerware is a pervasive surveillance used by millions around the world, but these operations keep getting hacked and leaking victims' private phone data.
this week in security — november 30 2025 edition
Prolific hacker outed as Jordanian teen, Shai-Halud worm hacks thousands of devs, FCC warns of emergency alert hijacks, Mixpanel breach hits OpenAI, and more.
Banning TP-Link won't save America from its own terrible cybersecurity
TP-Link routers face a ban in the U.S. over the company's alleged links to China, but shoddy cybersecurity is the real insider threat to the United States.
