Sign in Subscribe
Zack Whittaker

Zack Whittaker

Zack is the author of ~this week in security~.
12
Apr
'26

this week in security — april 12 2026 edition

Russia mass-hacking routers, Iran hacking critical infrastructure, Microsoft locked out developers from accounts, U.S. spyware maker sentenced, and more.
9 min read
07
Apr
'26

That company's big hack probably wasn't an employee's fault

Companies that blame an employee or human error following a cyberattack often neglect to account for broader security failings.
4 min read
a stock photo of someone looking at their phone while working on their computer with Slack open.
05
Apr
'26

this week in security — april 5 2026 edition

North Korea breaches Axios project, ICE now using spyware, Iran targeting U.S. tech firms, DarkSword fixes for iOS 18 holdouts, a bunch of data breaches, and more.
8 min read
29
Mar
'26

this week in security — march 29 2026 edition

Iran's Handala hackers leak FBI Kash Patel's emails, iOS hacking tools posted online, FCC bans new foreign-made routers, open-source projects hacked, and more.
9 min read
26
Mar
'26

Security precautions to consider while traveling through airports

As border device searches rise, there are practical steps you can take to protect your devices and data from airport searches.
4 min read
a person walking past quickly, slightly blurred, a security checkpoint at an unspecified airport.
22
Mar
'26

this week in security — march 22 2026 edition

Iran government hacked Stryker, new exploit kit hacks iOS 18 devices, Meta scraps Instagram E2EE, breathalyzer company hack leaves drivers stranded, and more.
9 min read
21
Mar
'26

Lawmakers seek to close loophole that allows feds to buy people's location data without a warrant

Federal agencies have been purchasing large datasets to track people's whereabouts from data brokers without asking a court for approval.
3 min read
a screenshot of a C-SPAN stream showing FBI director Kash Patel testifying to lawmakers on Capitol Hill, with people sat behind him.
18
Mar
'26

Papers, please: Age verification laws threaten everyone's online security and privacy

Laws that require adults to upload their driver's licenses or passports to access apps, websites, and VPNs will make the entire web less safe.
7 min read
a photo of a computer screen showing an age verification check, saying "confirm your age" and presenting two buttons, one saying I am 18 years old or older, and I am under 18 years old.
08
Mar
'26

this week in security — march 8 edition 2026

Iran's cyber army is largely quiet, U.S. CBP tracks people with ad data, Meta sued over gross smart glasses, half of zero-days found in enterprise tech, and more.
9 min read
07
Mar
'26

A beginner's guide to analyzing the network traffic of apps and websites

In 2025, journalist Zack Whittaker found three popular apps were leaking sensitive user data. This is how he uses network analysis tools like Burp Suite to understand how apps and websites work and share your data. This is how you can, too.
19 min read
a photo of a photo featuring a chat window, on a wooden desk, next to a large backlit mechanical keyboard.
01
Mar
'26

this week in security — march 1 2026 edition

U.S. deems Anthropic national security supply chain risk, CISA's acting director replaced, Marquis sues SonicWall over data breach, new Wi-Fi attack, and more.
9 min read
25
Feb
'26

FBI agents visited my home about an article I wrote, and now I can't go to Mexico

Mexico formally requested the FBI's help in seeking answers about one of my stories. Having federal agents on my doorstep sparked my own years-long effort to pry information out of the FBI to explain why it came to my house to begin with.
7 min read
a photo of the Department of Justice's shield with the FBI's logo, on a concrete wall.