TechCrunch Disrupt 2025 marks 20 years of shaping the startup world â and tonightâs your last chance to save up to $675 on your ticket. From October 27â29, Disrupt returns to Moscone West in San Francisco. Join 10,000+ tech innovators, founders, VCs, and ecosystem builders for three days of high-impact programming, networking, and startup energy. […]
Recent developments and an escalating trade war have made travel to cities like Beijing challenging but by no means impossible.
For likely the first time ever, security researchers have shown how AI can be hacked to create real world havoc, allowing them to turn off lights, open smart shutters, and more.
Google confirmed that one of its cloud-stored Salesforce databases was breached, exposing its customer data. Google attributed the breach to a hacking group, ShinyHunters, known for breaking into Salesforce databases.
Human judgement remains central to the launch of nuclear weapons. But experts say it’s a matter of when, not if, artificial intelligence will get baked into the world’s most dangerous systems.
Cisco disclosed a data breach including customer names, organization names, addresses, email addresses, and phone numbers of Cisco.com users.
Security researchers say they have evidence that ransomware gangs are hacking into large companies that rely on fully-patched SonicWall firewalls. The researchers say it's likely the flaw is a "zero-day" bug currently unknown to SonicWall.
The discoveries by an AI-based bug hunter are significant, as it shows these tools are starting to get real results, even if they still need a human.
Internet giant Cloudflare says it detected Perplexity crawling and scraping websites, even after customers had added technical blocks telling Perplexity not to scrape their pages.
North Korean IT workers are increasingly using generative AI to draft resumes and "deepfake" their appearances to make money for North Korea's sanctioned nuclear weapons program.
The Defense Department operates slot machines on US military bases overseas, raising millions of dollars to fund recreation for troops—and creating risks for soldiers prone to gambling addiction.
Plus: A former top US cyber official loses her new job due to political backlash, Congress is rushing through a bill to censor lawmakers’ personal information online, and more.
News of a backlog at the U.S. federal department comes less than a week after national security experts urged the Trump administration to reverse its decision that allows Nvidia to export H20 chips to China.
The internet-connected sex toy maker said it fixed the vulnerabilities that exposed users' private email addresses and accounts to takeovers, but said it was also planning to take legal action following the disclosure.
German authorities said they have seized the servers used by the long-running ransomware gang, BlackSuit, which is blamed for cyberattacks across Europe and the U.S., including the City of Dallas.
The FSB cyberespionage group known as Turla seems to have used its control of Russia's network infrastructure to meddle with web traffic and trick diplomats into infecting their computers.
Google will use machine learning and user data to estimate age of users in the U.S.
Proton has a free new authenticator apps, which is available cross-platform with end-to-end encryption protection for data.
The cybersecurity giant is getting into identity security with its acquisition of CyberArk, which is one of the biggest cybersecurity deals of the year so far.
Germ's new app lets users send end-to-end encrypted messages on Bluesky. TechCrunch speaks with the Germ founders to hear why they came up with the idea.
The U.S. insurance giant tells state regulators that Social Security numbers were among the personal information stolen in its mid-July cyberattack.
Gov. Tim Walz activated the state military's cyber forces to help ensure public services continue to run as the city of Saint Paul battles an ongoing cyberattack.
Skechers launches kids' shoes with built-in AirTag holder.
Google said it has "never built a backdoor" for its services, but refused to rule out that it had received a secret U.K. surveillance order demanding access to encrypted data.
Dating safety app Tea experienced a second data breach in as many weeks, exposing over a million sensitive messages between users.
The telecom giant, one of the largest in the world with customers in Europe and Africa, said customers are experiencing ongoing disruption to its services due to an unspecified hack.
A security researcher went public after the sex toy maker asked for more than a year to fix the vulnerabilities, which leak users' private email addresses and allow for accounts to be hijacked.
A law requiring UK internet users to verify their age to access adult content has led to a huge surge in VPN downloads—and has experts worried about the future of free expression online.
The top cybersecurity official in New York told TechCrunch in an interview that Trump's budget cuts are going to put the government at risk from cyberattacks, and will put more pressure on states to secure themselves.
Russian prosecutor said it opened a criminal investigation into the cyberattack targeting Aeroflot, the largest airline in Russia.
Tea, an app that allows women to post anonymous comments about men theyâve supposedly dated, announced Friday that it has suffered a data breach, with hackers gaining access to 72,000 images.
Exclusive: Allianz Life said the "majority" of its customers and employees had data stolen in the July cyberattack. The company said it has notified the FBI.
Google has suspended the Firebase account of Catwatchful following a TechCrunch investigation. The spyware operation was caught using Google's own servers to host and run its surveillance app, which was stealthily monitoring thousands of people's phones.
Starting today, UK adults will have to prove their age to access porn online. Experts warn that a global wave of age-check laws threatens to chill speech and ultimately harm children and adults alike.
Security flaws in Airportr, a door-to-door luggage checking service used by 10 airlines, let hackers access user data and even gain privileges that would have let them redirect or steal luggage.
Exclusive: The popular "leaking and cracking" forum left one of its databases exposed to the internet without a password, exposing the IP addresses of its users logging in.
"We're getting a lot of stuff that looks like gold, but it's actually just crap,â said the founder of one security testing firm. AI-generated security vulnerability reports are already having an effect on bug hunting, for better and worse.
Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it.
French authorities say they wiretapped a server used by the administrator to access their private messages, which revealed activities relating to cybercrime and ransomware attacks.
One of the hacked organizations reportedly includes the U.S. agency responsible for maintaining the country's stockpile of nuclear weapons. China-backed hackers have been observed carrying out the hacks targeting SharePoint servers.
Researchers say Apple sent out threat notifications to several Iranians in recent months, saying their iPhones had been hacked. Iran is likely behind the attacks.
Experts applauded the proposed change, which would require ransomware victims to notify authorities when paying a hacker's ransom, arguing that this information can help catch cybercriminals and stop their activities.
TechCrunch Disrupt 2025 is where breakthrough ideas meet the real-world challenges that define the future â and with over 10,000 startup and VC leaders converging, thereâs no better place to have the hard conversations. One of the most urgent? How artificial intelligence is reshaping national defense, security, and critical infrastructure in real time. Enter AI […]
The tech giants have evidence that Chinese hackers are exploiting the new bug, but warned "multiple actors" are also hacking into affected SharePoint systems.
The spyware maker was banned from the surveillance industry in 2021, but was caught flouting the ban less than a year later. Now the founder wants the ban lifted altogether.
Thousands of SharePoint servers could be vulnerable to hackers, according to cybersecurity firms.
TechCrunch Disrupt 2025 is just around the corner, and with more than 10,000 startup and VC leaders heading to Moscone West in San Francisco this October 27 to 29, the Expo Hall is where connections get made and business gets done. If youâve been thinking about showcasing your company, consider this your nudge â exhibitor […]
The crypto exchange, the largest in India, said it plans to absorb the costs of the breach.
Security researchers say Microsoft customers should take immediate action to defend against the ongoing cyberattacks, and must assume they have already been compromised.
Of those, more than 200 appear to have had outages of services related to patient care following CrowdStrike’s disastrous crash, researchers have revealed.
These are our favorite cybersecurity books, both by fiction authors, as well as journalists and researchers.Â
AI tools are increasingly asking for gross levels of access to your personal data under the guise of needing it to work.
Plus: Secret IRS data-sharing with ICE, a 20-year-old hackable vulnerability in train brakes, and more.
The new SS7 bypass-attack tricks phone operators into disclosing a cell subscriber's location, in some cases down to a few hundred meters.
A new report traces the history of the early wave of Chinese hackers who became the backbone of the state's espionage apparatus.
The bug in the modified messaging app can expose users' âplaintext usernames, passwords, and other sensitive data,â per GreyNoise.
Chainalysis said crypto thefts during the first half of 2025 were at record levels, thanks in large part to a single breach at a major crypto exchange.
Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious code and prompt injection attacks against chatbots.
The US government has added the DNA of approximately 133,000 migrant children and teens to a criminal database, which critics say could mean police treat them like suspects “indefinitely.”
The video game giant banned an unknown number of cheaters that were using one of the oldest-running cheats.
A trove of 1.1 million records left accessible on the open web shows how much sensitive information can be created—and made vulnerable—during the adoption process.
Metadata from the “raw” Epstein prison video shows approximately 2 minutes and 53 seconds were removed from one of two stitched-together clips. The cut starts right at the “missing minute.”
Millions of people are accessing harmful AI “nudify” websites. New analysis says the sites are making millions and rely on tech from US companies.
Plus: An “explosion” of AI-generated child abuse images is taking over the web, a Russian professional basketball player is arrested on ransomware charges, and more.
Analysis: In calling itself an ethical spyware vendor, Paragon has opened itself up to scrutiny of its government customers.
The U.S. cybersecurity agency gave federal agencies just one day to patch a security bug in Citrix Netscaler, which can be exploited to break into corporate and government networks.
There is no evidence the footage was deceptively manipulated, but ambiguities around how the video was processed may further fuel conspiracy theories about Epstein's death.
Security researchers found two flaws in an AI-powered chatbot used by McDonaldâs to interact with job applicants.
DHS is urging law enforcement to treat even skateboarding and livestreaming as signs of violent intent during a protest, turning everyday behavior into a pretext for police action.
Daniil Kasatkin was reportedly arrested in a Paris airport on June 21 at the request of U.S. authorities.
The U.K. National Crime Agency said the suspects are in custody in relation to the hacks targeting Marks & Spencer, Harrods, and the Co-op.
While highly sought after, federal software contracts frequently come with a hidden cost: Achieving government SaaS security compliance, known as FedRAMP, can take years and require substantial resources. Achieving this certification typically takes up to three years and costs more than $3 million, covering everything from security operations engineer salaries to security audits, according to […]
Basic security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm Paradox.ai.
Dorsey admitted that his new messaging app had not been reviewed or tested for security issues prior to its launch.
Time is running out to secure your exhibit table at TechCrunch Disrupt 2025, October 27-29, at Moscone West in San Francisco. This is your chance to get your startup in front of 10,000+ startup pioneers, VC leaders, and tech enthusiasts. Learn more and grab your table here before your competitor does. Maximum exposure for your […]
These carrier security settings can prevent your phone number from being hijacked or stolen.
Accused hacker and Chinese national Xu Zewei was arrested in Italy at the request of U.S. prosecutors.
Activision last week brought offline the Microsoft Store version of "Call of Duty: WWII" as the company was investigating âreports of an issue.â
The retail giant's chair confirmed the breach was caused by ransomware.
Ingram Micro is one of the largest distributors of tech and cloud products.
Plus: Iran-linked hackers threaten to release Trump campaign emails, Chinese hackers still in US telecoms networks, and an abusive deepfake website plans an expansion.
IARPA director Rick Muller is departing after just over a year at the R&D unit that invests in emerging technologies of potential interest to agencies like the NSA and the CIA, WIRED has learned.
The platform, which allows users to anonymously share the locations of ICE agents, is currently the third-most-downloaded iPhone app.
Customs and Border Protection is asking companies to pitch tools for performing deep analysis on the contents of devices seized at the US border.
The cybercriminal group, which said it's releasing its decryption tools to victims, may be transitioning to new infrastructure under a different name.
LGBTIQ+ organizations in El Salvador are using technology to protect themselves and create a record of the country’s ongoing authoritarian escalations against their community. It’s not without risks.
The insurance giant is one of the largest insurers in India.
The Scattered Spider hacking group has caused chaos among retailers, insurers, and airlines in recent months. Researchers warn that its flexible structure poses challenges for defense.
The spyware operation's exposed customer email addresses and passwords were shared with data breach notification service Have I Been Pwned.
Using stalkerware is creepy, unethical, potentially illegal, and puts your data and that of your loved ones in danger.
Qantas, the largest airline in Australia, confirmed the theft of 6 million customers' personal information.
The citizen app for anonymously reporting ICE agents and raids went viral after criticism from the U.S. Attorney General.
The US Justice Department revealed the identity theft number along with one arrest and a crackdown on “laptop farms” that allegedly facilitate North Korean tech worker impersonators across the US.
US prosecutors indicated a total of 13 people involved in the fraudulent scheme to steal and launder money for North Koreaâs nuclear weapons program.
The watchdog revealed the 2018 incident as part of an audit of the FBI"s counter-surveillance efforts.
Plus: US feds charge alleged masterminds behind infamous forum, Scattered Spider targets airlines, and hackers open a valve at a Norwegian dam.
The fresh wave of attacks targeting airlines comes soon after the hackers hit the U.K. retail sector and the insurance industry.
In a 6-3 decision, the Supreme Court held that age verification for explicit sites is constitutional. In a dissent, Justice Elena Kagan warned it burdens adults and ignores First Amendment precedent.
Kai West was arrested in France, along with four other hackers, all suspected of being part of the well-known hacking forum, BreachForums.