Sign in Subscribe
Zack Whittaker

Zack Whittaker

Zack is the author of ~this week in security~.
24
May
'26

this week in security — may 24 2026 edition

GitHub hacked, CISA exposed cloud keys, Oura gets government demands for data, a few zero-days under attack, wrench attacks on the rise, authorities seize a VPN used by ransomware gangs, HIPAA set for a security overhaul, and more.
9 min read
23
May
'26

Oura says it gets government demands for user data. Will it share how many?

Oura users' data is not end-to-end encrypted and can be handed to the government. Will the wearable tech maker say how often it turns over data?
4 min read
an Oura ring stood up on its side, against a red lit backdrop.
20
May
'26

AI can find bugs and flaws, but don't forget the cybersecurity basics

The leading cause of big breaches is failing to do the cybersecurity fundamentals.
5 min read
a photo of a set of keys left in a door lock, a visualization of a security vulnerability.
17
May
'26

this week in security — may 17 2026 edition

Instructure pays hackers' ransom, Trump and Xinping chat cyber in China, a million more IDs leak online, a ransomware gang gets hacked, Cisco's layoffs and a new zero-day, a decades-old Iranian nuclear malware mystery is solved, and more.
11 min read
11
May
'26

The most dangerous threats to the internet in 2026

From surveillance and choking online access to governments going rogue, these are the most pressing threats to face the internet and its billions of users today.
13 min read
a photo showing red lightning in the darkened sky, with cell tower and networking equipment in the background.
10
May
'26

this week in security — may 10 2026 edition

Instructure hacked and Canvas defaced, CopyFail bug under attack, Daemon Tools backdoored, AI vibe coding apps exposing data, U.S. states shared sensitive data with ad-tech giants, mass tech layoffs, and more.
10 min read
04
May
'26

Plot twist: I'm suing the Justice Department and FBI

Why I'm suing the government for records under the Freedom of Information Act.
3 min read
a photo outside the front doors of the E. Barrett Prettyman United States Court House in Washington, D.C., home to the United States District Court for the District of Columbia
03
May
'26

this week in security — may 3 2026 edition

cPanel/WHM login bug under mass-attack, Supreme Court split on legality of geofence warrants, CopyFail bug threatens Linux distros, Ubuntu services hit by DDoS, hackers divert funds from Sri Lanka, a ton of data breaches, and more.
10 min read
02
May
'26

Why every organization should make it easy to report security flaws

Companies make it too challenging to report security bugs and data leaks. Having a dedicated security email address could save your company from a damaging hack.
8 min read
a series of illustrated and illuminated email symbols, in different colors, on a darkened background.
26
Apr
'26

this week in security — april 26 2026 edition

Vercel hacked and customer data stolen, Apple fixes bug that cached deleted Signal messages, spy vendors caught tapping phone telcos, North Korea's very lucrative crypto heists, unauthorized access to Anthropic Mythos model, and more.
8 min read
23
Apr
'26

Why your doctor's AI recorder can be bad for your health (and privacy)

Privacy experts have nine good reasons why you can — and should — decline a doctor or therapist's request to record your conversations with AI tools.
3 min read
a person sitting at a desk with a computer, phone in hand, as if to talk to an AI recording tool on his phone.
19
Apr
'26

this week in security — april 19 2026 edition

Lawmakers punt on FISA spy vote, Sweden blames Russia for power plant hack, Madison Square Garden's creepy surveillance, Adobe fixes PDF hack, and more.
8 min read