These are the cybersecurity stories we were jealous of in 2025

As the year ends, we celebrate the best cybersecurity stories we did not publish. Since 2023, TechCrunch has looked back at the standout journalism from across the cybersecurity field. The idea is simple. Dozens of journalists cover cybersecurity in English, producing countless stories on privacy, surveillance, and hacking every week. Many are excellent and deserve your attention. This is a very subjective and incomplete list of the ones we liked the most.

Shane Harris described how he cultivated a senior Iranian hacker as a source, who was then killed. Occasionally, a hacker story feels like it could be a movie. This is the case with Shane Harris’s personal tale of his months-long correspondence with a top Iranian hacker. In 2016, The Atlantic journalist made contact with a person claiming to work as a hacker for Iran’s intelligence service on major operations, like downing an American drone and the infamous hack against Saudi Aramco. Harris was skeptical, but as the hacker revealed his real name, Harris started to believe him. After the hacker died, Harris pieced together a story even more incredible than he had been led to believe. It is a gripping look at the challenges reporters face with confidential sources.

The Washington Post revealed a secret order demanding Apple let U.K. officials spy on users’ encrypted data. In January, the U.K. government secretly issued Apple a court order demanding it build a backdoor to access iCloud data of any global customer. A worldwide gag order meant the public only learned of it because The Washington Post broke the story. This unprecedented demand represented a major threat to tech companies that have locked themselves out of user data to avoid government compulsion. Apple subsequently stopped offering its opt-in end-to-end encrypted cloud storage to U.K. customers. The public revelation allowed Apple and critics to scrutinize U.K. surveillance powers, sparking a months-long diplomatic row with the United States that led Downing Street to drop the request, only to try again later.

‘The Trump Administration Accidentally Texted Me Its War Plans’ by The Atlantic is this year’s best headline. This story represents the fly-on-the-wall access reporters dream of. The Atlantic’s editor-in-chief was unwittingly added to a Signal group of senior U.S. officials discussing war plans from their cellphones. Reading discussions about where to drop bombs, and then seeing corresponding news reports, confirmed he was in a real chat with real officials. He reported on it, paving the way for a months-long investigation into the government’s operational security. This was called the biggest government opsec mistake in history. The situation unraveled to expose security lapses involving a knock-off Signal clone that jeopardized official communications.

Brian Krebs tracked down a prolific hacker group admin and identified him as a Jordanian teenager. Veteran reporter Brian Krebs specializes in following online breadcrumbs to reveal cybercriminals’ identities. Here, he found the person behind the handle ‘Rey,’ a member of the notorious teen cybercrime group Scattered LAPSUS$ Hunters. Krebs’s quest was so successful that he spoke to someone close to the hacker, and then to the hacker himself, who confessed to his crimes and claimed he was trying to leave that life.

Airlines shut down a program that sold billions of flight records to the government after 404 Media’s reporting. Independent outlet 404 Media achieved significant journalistic impact by exposing and effectively shuttering a massive air travel surveillance system. They reported that a data broker set up by airlines, the Airlines Reporting Corporation, was selling access to five billion travel itineraries with personal and financial details to agencies like ICE and the IRS without warrants. Following 404 Media’s reporting and pressure from lawmakers, ARC, owned by major airlines, said it would shut down the warrantless data program.

Wired made the 3D-printed gun that Luigi Mangione allegedly used to kill a healthcare executive to test the legalities of ‘ghost guns.’ The killing of UnitedHealthcare CEO Brian Thompson was a major story. The chief suspect was arrested for using a ‘ghost gun,’ a 3D-printed firearm with no serial number. Wired, using its past reporting on 3D-printed weapons, tested how easy it was to build such a gun while navigating the patchwork legal and ethical landscape. The exquisitely told reporting process and accompanying video are both excellent and chilling.

NPR detailed a federal whistleblower’s account of how DOGE took sensitive government data, and the threats he faced. DOGE, the Department of Government Efficiency, was a major running story as a group associated with Elon Musk moved through the federal government, grabbing citizen data and tearing down security protocols. NPR had some of the best investigative reporting on federal workers resisting this. One story detailed a whistleblower at the National Labor Relations Board who, while investigating DOGE, found a threatening letter taped to his door containing sensitive personal information and pictures of him walking his dog.

Mother Jones found an exposed dataset of tracked surveillance victims, including world leaders, a Vatican enemy, and maybe you. Any story where a journalist says a discovery made them “feel like shitting my pants” promises to be a compelling read. Gabriel Geiger found a dataset from a mysterious surveillance company called First Wap, containing records of thousands of people whose phone locations were tracked from 2007 to 2015. It included high-profile figures like a former Syrian first lady, a private military contractor head, a Hollywood actor, and an enemy of the Vatican. The story explored the shadowy world of phone surveillance via the SS7 protocol.

Wired reported on the investigation behind a string of ‘swatting’ attacks on hundreds of schools nationwide. Swatting, a hoax that sends armed police to a target’s location, has been a dangerous problem for years. In this feature, Wired’s Andy Greenberg put a face on the story, profiling the emergency operators, the schools tormented by fake threats, and a prolific swatter known as Torswats. It also covered a hacker who took it upon himself to track Torswats down.