zackwhittaker - Network

If you need a Pocket replacement, Wallabag is a great open-source "read later" service. It's self-hosted, or you can have it...

If you need a Pocket replacement, Wallabag is a great open-source "read later" service. It's self-hosted, or you can have it hosted for literally a few dollars every year. Well worth it, and I've found Wallabag to be as good as (if not better than) Pocket. https://techcrunch.com/2025/05/22/mozilla-is-shutting-down-read-it-later-app-pocket/

Wallabag's website: https://wallabag.org

Looks like the Trump administration's immigration crackdown is already affecting U.S.-based hacker conferences, like HOPE. One speaker...

Looks like the Trump administration's immigration crackdown is already affecting U.S.-based hacker conferences, like HOPE. One speaker has already pulled out from HOPE citing the mass deportation efforts.

"The chilling effect of the Trump administration's anti-immigrant posture is real, and having impacts on legitimate travel," they said.

Curious to see how this'll also affect Black Hat, Def Con and many other U.S. cyber and hacker cons.

https://www.404media.co/hacker-conference-hope-says-fewer-people-buying-tickets-because-u-s-immigration-crackdown/

New: A Massachusetts student has agreed to plead guilty to hacking and extorting a U.S. education tech company, believed to be...

New: A Massachusetts student has agreed to plead guilty to hacking and extorting a U.S. education tech company, believed to be PowerSchool.

Federal prosecutors said the hacker stole personal data on 60 million students and 10 million teachers, and extorted the company for $2.8 million in bitcoin.

https://techcrunch.com/2025/05/21/us-student-agrees-to-plead-guilty-to-hack-affecting-tens-of-millions-of-students/

Coinbase confirmed that over 69,000 customers had personal and financial information stolen in its recent data...

Coinbase confirmed that over 69,000 customers had personal and financial information stolen in its recent data breach.

https://techcrunch.com/2025/05/21/coinbase-says-its-data-breach-affects-at-least-69000-customers/

Soon after a talk at Microsoft Build was disrupted by protesters, Microsoft’s head of security for AI, Neta Haiby "accidentally...

Soon after a talk at Microsoft Build was disrupted by protesters, Microsoft’s head of security for AI, Neta Haiby "accidentally switched to Microsoft Teams while sharing her screen, revealing confidential internal messages about Walmart’s upcoming use of Microsoft’s Entra and AI gateway services."

https://www.theverge.com/news/671373/microsoft-ai-security-chief-walmart-conversation-build-protest-disruption

A little bit of good news... Cocospy, Spyic and Spyzie, the stalkerware apps that were breached earlier this year and caught spying on...

A little bit of good news... Cocospy, Spyic and Spyzie, the stalkerware apps that were breached earlier this year and caught spying on millions of people's phones, now appears to have shut down.

New, from me: https://techcrunch.com/2025/05/19/cocospy-stalkerware-apps-go-offline-after-data-breach/

More: Coinbase CEO says the hacker demanded $20 million in a ransom payment not to publish the stolen data. A Coinbase spokesperson tells me...

More: Coinbase CEO says the hacker demanded $20 million in a ransom payment not to publish the stolen data.

A Coinbase spokesperson tells me that less than 1% of its monthly customers are affected. Per its latest figures out in March 2025, that's still around ~100k people who may be affected.

(post edited for clarity)

https://techcrunch.com/2025/05/15/coinbase-says-customers-personal-information-stolen-in-data-breach/

BREAKING: Coinbase says it was breached, and customers' personal information stolen. The crypto giant said the hacker was "paying...

BREAKING: Coinbase says it was breached, and customers' personal information stolen.

The crypto giant said the hacker was "paying multiple contractors or employees working in support roles," and contacted Coinbase with a ransom demand this week with stolen data, which Coinbase says is "credible."

https://techcrunch.com/2025/05/15/coinbase-says-customers-personal-information-stolen-in-data-breach/

New: Senior White House official Russell Vought, who's also the acting head of the Consumer Financial Protection Bureau, has scrapped a...

New: Senior White House official Russell Vought, who's also the acting head of the Consumer Financial Protection Bureau, has scrapped a plan that would have blocked data brokers from selling Americans' personal and financial information, including Social Security numbers.

https://techcrunch.com/2025/05/14/white-house-scraps-plan-to-block-data-brokers-from-selling-americans-sensitive-data/

Curious situation as another local government, Doña Ana County, says its news site, which is managed by third-party vendor Granicus, was...

Curious situation as another local government, Doña Ana County, says its news site, which is managed by third-party vendor Granicus, was compromised. Scam emails were also sent.

The county's IT director says it's a "system-wide issue affecting other government clients."

Granicus hasn't responded to a follow-up email.

My updated story:

https://techcrunch.com/2025/05/13/government-email-alert-system-govdelivery-used-to-send-scam-messages/

New, by me: GovDelivery, an email alert system used by U.S. federal and state government departments, was used to send scam messages. One...

New, by me: GovDelivery, an email alert system used by U.S. federal and state government departments, was used to send scam messages. One "unpaid toll" scam email sent via GovDelivery, which I've seen, was sent by Indiana's Emergency Operations Center from an official government email address.

https://techcrunch.com/2025/05/13/government-email-alert-system-govdelivery-used-to-send-scam-messages/

New: U.K. retail giant Marks & Spencer confirms customer data was stolen during its April hack. A ransomware gang has already taken...

New: U.K. retail giant Marks & Spencer confirms customer data was stolen during its April hack. A ransomware gang has already taken credit for the breach.

https://techcrunch.com/2025/05/13/marks-spencer-confirms-customers-personal-data-was-stolen-in-hack/

A busy ~ this week in security ~ is now out, with stories on the TeleMessage/Signalgate hacks, why NSO is on the hook for $167M in damages...

A busy ~ this week in security ~ is now out, with stories on the TeleMessage/Signalgate hacks, why NSO is on the hook for $167M in damages to WhatsApp, and PowerSchool is finding out the hard way that paying a ransom gets you nowhere.

Also: CrowdStrike's layoffs, Deportation Airways hacked, South Korea's top telecom hack is a hot mess, and more.

Plus, the happy corner and a cyber cat.

Sign up/RSS: https://this.weekinsecurity.com

Read online: https://mailchi.mp/weekinsecurity/this-week-in-security-may-11-2025-edition

Donate: https://ko-fi.com/thisweekinsecurity

New: This week, WhatsApp won $167M from NSO Group following a 2019 spyware attack targeting the messaging app's users. @lorenzofb looks...

New: This week, WhatsApp won $167M from NSO Group following a 2019 spyware attack targeting the messaging app's users. @lorenzofb looks at what we learned from the docket.

My favorite tidbit? NSO's HQ shares the *same building* as Apple. Must make for awkward elevator small-talk.

https://techcrunch.com/2025/05/10/five-things-we-learned-from-whatsapp-vs-nso-group-spyware-lawsuit/

Good news! An encryption backdoor bill in Florida has...

Good news! An encryption backdoor bill in Florida has failed.

https://techcrunch.com/2025/05/09/florida-bill-requiring-encryption-backdoors-for-social-media-accounts-has-failed

PowerSchool paid a hacker’s ransom, but now schools say they are being...

PowerSchool paid a hacker’s ransom, but now schools say they are being extorted.

https://techcrunch.com/2025/05/08/powerschool-paid-a-hackers-ransom-but-now-schools-say-they-are-being-extorted/

New, by me: VC giant Insight Partners has confirmed data breach, including personal information of its current and former employees, and...

New, by me: VC giant Insight Partners has confirmed data breach, including personal information of its current and former employees, and information about its private investors (limited partners), during January cyberattack.

https://techcrunch.com/2025/05/08/vc-firm-insight-partners-confirms-personal-data-stolen-during-january-hack/

If you're a fan of cyber news but don't know where to begin, my free newsletter ~ this week in security ~ is a weekly roundup of all...

If you're a fan of cyber news but don't know where to begin, my free newsletter ~ this week in security ~ is a weekly roundup of all the cyber news you need to know, plus the happy corner and a weekly featured cyber cat. No email open or link tracking.

Out Sundays. Sign up now to get this week's edition.

https://this.weekinsecurity.com/

A long, brilliant weekend read: @lorenzofb chatted with the head of Riot Games' anti-cheat team about how the video game maker is...

A long, brilliant weekend read: @lorenzofb chatted with the head of Riot Games' anti-cheat team about how the video game maker is fighting its war against cheaters and cheat makers, including infiltrating cheat communities and using psychological tricks to discredit cheaters.

https://techcrunch.com/2025/05/03/how-riot-games-is-fighting-the-war-against-video-game-hackers

Excellent @lhn headline. https://www.wired.com/story/mike-waltz-has-somehow-gotten-even-worse-at-using-signal/

Excellent @lhn headline. https://www.wired.com/story/mike-waltz-has-somehow-gotten-even-worse-at-using-signal/