NEW: The internet in Iran is nearly completely shut down, according to internet monitoring firms.

NEW: The internet in Iran is nearly completely shut down, according to monitoring firms.

The blackout comes in the midst of countrywide protests that have lasted for days after spikes in prices and shortages of basic goods. The govenrment has responded with a violent crackdown.

“I think we’re at a near-total disconnection from the outside world now,” said Amir Rashidi, an Iranian cybersecurity researcher. 

http://techcrunch.com/2026/01/08/internet-collapses-in-iran-amid-protests-over-economic-crisis/

NEW: U.S. insurance giant Aflac says its June data breach affected 22.6 million people.

The hackers, the company says, stole data such as Social Security numbers, government IDs, and health information.

https://techcrunch.com/2025/12/23/us-insurance-giant-aflac-says-hackers-stole-personal-data-of-22-6-million/

What's up with all these "secret location" Barcelona offensive cybersecurity conferences?

NEW: Cisco discovered a Chinese hacking campaign targeting an unknown number of customers.

The hackers have been exploiting a zero-day in some of Cisco's most popular products "since at least late November 2025," the company said.

There is no patch available at this point.

https://techcrunch.com/2025/12/17/cisco-says-chinese-hackers-are-exploiting-its-customers-with-a-new-zero-day/

And Haaretz also had a good story on the flow of Israeli offensive cybersecurity workers to Barcelona.

https://www.haaretz.com/israel-news/security-aviation/2024-12-26/ty-article/.premium/israeli-hackers-flock-to-barcelona-as-spyware-industry-shifts/00000193-fec4-df5b-a9b3-fec5d9dc0000

If you’re wondering about the offensive cybersecurity and spyware scene in Barcelona, I wrote a deep dive into it earlier this year.

https://techcrunch.com/2025/01/13/how-barcelona-became-an-unlikely-hub-for-spyware-startups/

There's a new offensive cybersecurity conference in Barcelona. The tagline: "Sun, seafood, and spyware."

That rings a bell...🤔

https://offensive-bcn.com/

NEW: Delivery giant DoorDash disclosed a data breach impacting an unspecified number of users.

Hackers stole names, emails, phone numbers, and physical addresses, but DoorDash said that “no sensitive information was accessed by the unauthorized third party." 🤔

https://techcrunch.com/2025/11/17/doordash-confirms-data-breach-impacting-users-phone-numbers-and-physical-addresses/

NEW: Cybersecurity firm Deepwatch laid off around 80 people citing AI the reason.

CEO John DiLullo said the company “is aligning our organization to accelerate our significant investments in AI and automation.”

A current employee said that Deepwatch is “doing something with AI and agentic AI but it sounds like bullshit.”

http://techcrunch.com/2025/11/12/cybersecurity-firm-deepwatch-lays-off-dozens-citing-move-to-accelerate-ai-investment/

NEW: The U.S. Congressional Budget Office was hacked.

@GossiTheDog says that the cause may be an unpatched Cisco ASA firewall. I asked CBO about that but it did not respond to the question.

https://techcrunch.com/2025/11/07/congressional-budget-office-confirms-it-was-hacked/

NEW: The Paragon spyware scandal in Italy widens again.

A political consultant who works with left-wing politicians, who are part of the opposition party Partito Democratico, has now come out as the latest target.

"It is time to ask a very simple question: Why? Why me?" Francesco Nicodemo said.

http://techcrunch.com/2025/11/06/italian-political-consultant-says-he-was-targeted-with-paragon-spyware/

@jtk thank you, I appreciate you saying that.

NEW: As it turns out, sometimes attribution ain’t that hard.

After Kaspersky researchers revealed that some government is using Memento Labs’ spyware called Dante, I reached out to the spyware maker’s CEO Paolo Lezzi.

He told me: yep, it was our outdated Windows malware.

Lezzi also told me more about the state of Memento Labs, five years after death of Hacking Team.

https://techcrunch.com/2025/10/28/ceo-of-spyware-maker-memento-labs-confirms-one-of-its-government-customers-was-caught-using-its-malware/

Kaspersky researchers love attribution.

https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/

In these dark times, let's remember that there were better days.

Fun times when the NSA was so worried about Furbys, and the recording device embedded in them, that it banned them from its premises.

https://web.archive.org/web/20060826021319/http://www.cnn.com/US/9901/13/nsa.furby.ban.01/

SCOOP: Spyware maker NSO Group confirmed to us that the company has been acquired by a U.S. investment group.

NSO's spokesperson said "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.

Israeli media said it's Hollywood producer and financier Robert Simonds.

https://techcrunch.com/2025/10/10/spyware-maker-nso-group-confirms-acquisition-by-us-investors/

NEW: A prominent Italian businessman was reportedly targeted with Paragon spyware, widening the surveillance scandal in Italy, according to local news reports.

https://techcrunch.com/2025/10/09/italian-businessmans-phone-reportedly-targeted-with-paragon-spyware/

Here's an updated list of all the technology ICE has in its arsenal to mass deport people.

We've added new sections on cell-site simulators and cellphone location data.

https://techcrunch.com/2025/10/08/heres-the-tech-powering-ices-deportation-crackdown/

NEW: The predominantly English-speaking amorphous hacking group known as Scattered Spider/Lapsus$/etc has launched a website to publicize their victims and extort them.

This is the first time the group has such a public presence, indicating an escalation in their strategy.

https://techcrunch.com/2025/10/03/hacking-group-claims-theft-of-1-billion-records-from-salesforce-customer-databases/