Cops Hacked Thousands of Phones. Was It Legal?

When police infiltrated the EncroChat phone system in 2020, they hit an intelligence gold mine. But subsequent legal challenges have spread across Europe.

What Is a Pig Butchering Scam?

This type of devastating scheme ensnares victims and takes them for all they’re worth—and the threat is only growing.

Update Android Right Now to Fix a Scary Remote-Execution Flaw

Plus: Patches for Apple iOS 16, Google Chrome, Windows 10, and more.

The Password Isn’t Dead Yet. You Need a Hardware Key

Any multifactor authentication adds protection, but a physical token is the best bet when it really counts.

The Worst Hacks of 2022

The year was marked by sinister new twists on cybersecurity classics, including phishing, breaches, and ransomware attacks.

LastPass Data Breach: It’s Time to Ditch This Password Manager

The password manager’s most recent data breach is so concerning, users need to take immediate steps to protect themselves.

Russia’s Cyberwar Foreshadowed Deadly Attacks on Civilians

The Kremlin’s aggression in Ukraine is following a dangerous playbook that began to unfold years ago.

Hacktivism Is Back and Messier Than Ever

Throughout 2022, geopolitics has given rise to a new wave of politically motivated attacks with an undercurrent of state-sponsored meddling.

The Most Dangerous People on the Internet in 2022

From SBF to the GRU, these were the most disruptive forces of online chaos this year.

Everyone Is Using Google Photos Wrong

Ever-expanding cloud storage presents more risks than you might think.

Russians Hacked JFK Airport Taxi Dispatch in Line-Skipping Scheme

Plus: An offensive US hacking operation, swatters hacking Ring cameras, a Netflix password-sharing crackdown, and more.

What Is Flipper Zero? The Hacker Tool Going Viral on TikTok, Explained

Don’t be fooled by its fun name and Tamagotchi-like interface—this do-everything gadget is trouble waiting to happen and a whole lot more.

Iran’s Internet Blackouts Are Sabotaging Its Own Economy

A new US State Department assessment highlights the stark economic toll of Tehran’s recent shutdowns and platform control.

Elon Musk and the Dangers of Censoring Real-Time Flight Trackers

Elon Musk claims plane-tracking data is a risky privacy violation. But the world loses a lot if this information disappears—and that's already happening.

An Alleged Russian Smuggling Ring Was Uncovered in New Hampshire

Plus: An FBI platform got hacked, an ex-Twitter employee is sentenced for espionage, malicious Windows 10 installers circulate in Ukraine, and more.

Meta’s Tricky Quest to Protect Your Account

How do you keep Facebook easy to use without being trivial to exploit? The company is trying to chart a middle ground.

GPS Signals Are Being Disrupted in Russian Cities

Navigation system monitors have seen a recent uptick in interruptions since Ukraine began launching long-range drone attacks.

A New Lawsuit Accuses Meta of Inflaming Civil War in Ethiopia

The suit claims the company lacks adequate moderation to prevent widespread hate speech that has led to violence and death.

Cuba Ransomware Gang Abused Microsoft Certificates to Sign Malware

The company has taken measures to mitigate the risks, but security researchers warn of a broader threat.

Hackers Planted Files to Frame Indian Priest Who Died in Custody

And new evidence suggests those hackers may have collaborated with the police who investigated him.

Why the US Is Primed for Radicalization

A confluence of factors is leading people in the nation to gravitate toward extremist views.

Attackers Keep Targeting the US Electric Grid

Plus: Chinese hackers stealing US Covid relief funds, a cyberattack on the Met Opera website, and more.

Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking

Despite mitigation, one of the worst bugs in internet history is still prevalent—and being exploited.

Lensa AI and ‘Magic Avatars’: What to Know Before Using the App

Are you thinking about uploading some selfies and buying a pack of ‘Magic Avatars’? Consider these expert tips first.

Popular HR and Payroll Company Sequoia Discloses a Data Breach

The company, which works with hundreds of startups, said it detected unauthorized access to personal data, including Social Security numbers.

Elon Musk’s Twitter Files Are a Feast for Conspiracy Theorists

From QAnon influencers to @catturd, the very online right sees exactly what they want to see in the CEO’s orchestrated disclosure.

Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next

The company plans to expand its Communication Safety features, which aim to disrupt the sharing of child sexual abuse material at the source.

Apple Expands End-to-End Encryption to iCloud Backups

The company will also soon support the use of physical authentication keys with Apple ID, and is adding contact verification for iMessage in 2023.

Scammers Are Scamming Other Scammers Out of Millions of Dollars

On cybercrime forums, user complaints about being duped may accidentally expose their real identities.

The Dangerous Digital Creep of Britain's ‘Hostile Environment’

The UK's use of technology to enforce its hard-line immigration policy brings the border into every facet of migrants' lives.

China’s Police State Targets Zero-Covid Protesters

Plus: ICE accidentally doxes asylum seekers, Google fails to uphold a post-Roe promise, and LastPass suffers the second breach this year.

Android Phone Makers’ Encryption Keys Stolen and Used in Malware

Device manufacturers use “platform certificates” to verify an app’s authenticity, making them particularly dangerous in the wrong hands.

Iran’s Protests Reveal What’s Lost If Twitter Crumbles

As authorities hit citizens with more violence, the social network is proving key to documenting abuses. If it breaks, a human rights lifeline may disappear.

Google Moves to Block Invasive Spanish Spyware Framework

The Heliconia hacking tool exploited vulnerabilities in Chrome, Windows Defender, and Firefox, according to company security researchers.

Drop What You're Doing and Update iOS, Android, and Windows

Plus: Major patches dropped this month for Chrome, Firefox, VMware, Cisco, Citrix, and SAP.

The Hunt for the Kingpin Behind AlphaBay, Part 6: Endgame

With AlphaBay shuttered, Operation Bayonet enters its final phase: driving the site’s refugees into a giant trap. But one refugee hatched his own plan.

A Peek Inside the FBI's Unprecedented January 6 Geofence Dragnet

Google provided investigators with location data for more than 5,000 devices as part of the federal investigation into the attack on the US Capitol.

Apple Tracks You More Than You Think

Plus: WikiLeaks’ website is falling apart, tax websites are sending your data to Facebook, and cops take down a big phone-number-spoofing operation.

Redacted Documents Are Not as Secure as You Think

Popular redaction tools don’t always work as promised, and new attacks can reveal hidden information, researchers say.

I Lost $17,000 in Crypto. Here’s How to Avoid My Mistake

I’m not the first person to suffer this fate, but hopefully I can be the last.

How to Avoid Black Friday Scams Online

'Tis the season for swindlers and hackers. Use these tips to spot frauds and keep your payment info secure.

The US Has a Bomb-Sniffing Dog Shortage

Finding high-quality detection canines is hard enough—and the pandemic only dug a deeper hole.

The Hunt for the Dark Web’s Biggest Kingpin, Part 5: Takedown

After months of meticulous planning, investigators finally move in to catch AlphaBay’s mastermind red-handed. Then the case takes a tragic turn.

Autonomous Vehicles Join the List of US National Security Threats

Lawmakers are growing concerned about a flood of data-hungry cars from China taking over American streets.

A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup

A 500-page document reviewed by WIRED shows that Corellium engaged with several controversial companies, including spyware maker NSO Group.

A Destabilizing Hack-and-Leak Operation Hits Moldova

Plus: Google’s location snooping ends in a $391 million settlement, Russian code sneaks into US government apps, and the World Cup apps set off alarms.

Here’s How Bad a Twitter Mega-Breach Would Be

Elon Musk laid off half the staff, and mass resignations seem likely. If nobody’s there to protect the fort, what’s the worst that could happen?

Telehealth Sites Put Addiction Patient Data at Risk

New research found pervasive use of tracking tech on substance-abuse-focused health care websites, potentially endangering users in a post-Roe world.

The Hunt for the Dark Web’s Biggest Kingpin, Part 4: Face to Face

The team uses a secret technique to locate AlphaBay’s server. But just as the operation heats up, the agents have an unexpected run-in with their target.

Twitter’s SMS Two-Factor Authentication Is Melting Down

Problems with the important security feature may be some of the first signs that Elon Musk’s social network is fraying at the edges.

The Hunt for the FTX Thieves Has Begun

Mysterious crooks took hundreds of millions of dollars from FTX just as it collapsed. Crypto-tracing blockchain analysis may provide an answer.

Elon Musk Introduces Twitter Mayhem Mode

Plus: US midterms survive disinformation efforts, the government names the alleged Lockbit ransomware attacker, and the Powerball drawing hits a security snag.

‘Dark Ships’ Emerge From the Shadows of the Nord Stream Mystery

Satellite monitors discovered two vessels with their trackers turned off in the area of the pipeline prior to the suspected sabotage in September.

Russia’s Sway Over Criminal Ransomware Gangs Is Coming Into Focus

Questions about the Kremlin’s relationships with these groups remain. But researchers are finally getting some answers.

Elon Musk's Twitter Blue Verification Is a Gift to Scammers

Anyone can get a blue tick on Twitter without proving who they are. And it’s already causing a ton of problems.

Russia’s New Cyberwarfare in Ukraine Is Fast, Dirty, and Relentless

Security researchers see updated tactics and tools—and a tempo change—in the cyberattacks Russia’s GRU military intelligence agency is inflicting on Ukraine.

How to Use Apple Pay or Google Wallet Instead of Plastic Cards

Cash is safe—for now. Contactless payment methods, like Apple Pay or Google Wallet, are more of a threat to the existence of physical cards.

Inside the ‘Election Integrity App’ Built to Purge US Voter Rolls

True the Vote’s IV3 app is meant to catch election cheaters. But it has a fundamental flaw.

The Secret Ballot Is US Democracy’s Last Line of Defense

Voter intimidation has cropped up in places across the nation, but the voting booth remains the one place where nobody can get to you.

IRS Seizes Another Silk Road Hacker’s $3.36 Billion Bitcoin Stash

A year after a billion-dollar seizure of the dark web market's crypto, the same agency found a giant trove hidden under a different hacker's floorboards.