Ring Kills Flock Safety Deal After Super Bowl Ad Uproar
Plus: Meta plans to add face recognition to its smart glasses, Jared Kushner named as part of whistleblower’s mysterious national security complaint, and more...
Revealed: Leaked Chats Expose the Daily Life of a Scam Compound’s Enslaved Workforce
A whistleblower trapped inside a “pig butchering” scam compound gave WIRED a vast trove of its internal materials—including 4,200 pages of messages that lay out its operations in unprecedented detail...
EUVD-2024-52842
Malicious code in bioql PyPI...
EUVD-2022-37040
Malicious code in bioql PyPI...
Lawsuit About WhatsApp Security
Attaullah Baig, WhatsApp's former head of security, has filed a whistleblower lawsuit alleging that Facebook deliberately failed to fix a bunch of security flaws, in violation of its 2019 settlement agreement with the Federal Trade Commission. The lawsuit, alleging violations of the whistleblower...
CVE-2022-34007
EQS Integrity Line Professional through 2022-07-01 allows a stored XSS via a crafted whistleblower entry...
For Tech Whistleblowers, There’s Safety in Numbers
Amber Scorah and Psst are building a “digital safe” to help people shine a light on the bad things their bosses are doing, without getting found out...
DOGE Worker’s Code Supports NLRB Whistleblower
A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk's Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency's sensitive case files in early March. The whistleblower said accounts created for DOGE at the NLRB...
Whistleblower: DOGE Siphoned NLRB Case Data
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk's Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network...
RIP Mark Klein
2006 AT&T whistleblower Mark Klein has died...
CVE-2024-55888 Content Security Policy appears to be missing in software and production setup
Hush Line is an open-source whistleblower management system. Starting in version 0.1.0 and prior to version 0.3.5, the production server appeared to have been misconfigured and missed providing any content security policy or security headers. This could result in bypassing of cross-site scriptin...
AI and the SEC Whistleblower Program
Tax farming is the practice of licensing tax collection to private contractors. Used heavily in ancient Rome, it’s largely fallen out of practice because of the obvious conflict of interest between the state and the contractor. Because tax farmers are primarily interested in short-term revenue,...
Meta whistleblower says company has long ignored how it sexually endangers children
At a Senate hearing, a Meta whistleblower has revealed some shocking numbers around children’s experiences of its platforms. Arturo Béjar, a former engineering director at Meta, testified before the US Congress on Tuesday. Not only did he share his own daughters’ experience suffering harassment o...
Whistleblower Leak Reveals Tesla Data Breach, Affects 75,000
By Waqas. Contrary to the typical cyberattack narrative, this breach stems from a whistleblower leak, revealing sensitive information to the German media outlet Handelsblatt.
The Twitter Whistleblower’s Testimony Has Senators Out for Blood
Peiter “Mudge” Zatko’s allegations about the social media platform renewed a sense of urgency for lawmakers to rein in Big Tech...
How Whistleblowers Navigate a Security Minefield
Exposing wrongdoing is risky on the best of days. Whistleblower Aid cofounder John Tye explains the extensive steps needed to keep people safe...
Twitter Whistleblower Complaint: The TL;DR Version
A recently surfaced 84-page whistleblower report filed with the US government by Twitter’s former head of security Peiter “Mudge” Zatko last month blasts his former employer for its alleged shoddy security practices and being out of compliance with an FTC order to protect user data. Twitter has...
Twitter security under scrutiny after former executive turns whistleblower
A former Twitter executive has acted as a whistleblower and alleged some serious problems. Provided these accusations are true, the disclosure shows a side of Twitter that poses a threat to its own users' personal information, to company shareholders, to national security, and to democracy...
Mudge Files Whistleblower Complaint against Twitter
Peiter Zatko, aka Mudge, has filed a whistleblower complaint with the SEC against Twitter, claiming that they violated an eleven-year-old FTC settlement by having lousy security. And he should know; he was Twitter's chief security officer until he was fired in January. The Washington Post has the...