Lorenzo Franceschi-Bicchierai

Following my Washington Post report on Eric Michaud's secret partnership in a crypto-recovery business with fallen hacker hero Morgan Marquis-Boire, Michaud joins him as one of five people permanently banned from #DefCon. defcon.org/html/links/d...

Authorities seize BlackSuit ransomware gang's servers | TechCrunch German authorities said they have seized the servers used by the long-running ransomware gang, BlackSuit, which is blamed for cyberattacks across Europe and the U.S., including the City of Dallas.

New, by me: German authorities have confirmed the takedown of the BlackSuit ransomware gang's servers and infrastructure. Officials in Germany say U.S. ICE's Homeland Security Investigations was involved in the operation. BlackSuit had over 180 victims, the officials say.

Sex toy maker Lovense threatens legal action after fixing security flaws that exposed users' data | TechCrunch The internet-connected sex toy maker said it fixed the vulnerabilities that exposed users' private email addresses and accounts to takeovers, but said it was also planning to take legal action followi...

New, by me: Lovense, a maker of internet-connected sex toys, has confirmed it fixed a pair of security flaws that exposed users' private email addresses and put accounts at risk of takeovers. Now the company's CEO says he might sue.

Hackers stole Social Security numbers during Allianz Life cyberattack | TechCrunch The U.S. insurance giant tells state regulators that Social Security numbers were among the personal information stolen in its mid-July cyberattack.

New, by me: The hackers who breached Allianz Life earlier this month and stole the personal information belonging to the "majority" of its 1.4 million customers, also took Social Security numbers during the breach, per new filings with U.S. states.

Telecom giant Orange warns of disruption amid ongoing cyberattack | TechCrunch The telecom giant, one of the largest in the world with customers in Europe and Africa, said customers are experiencing ongoing disruption to its services due to an unspecified hack.

NEW: French telecom giant Orange disclosed an unspecified "cyberattack" that has caused disruptions to businesses and consumers alike.

For now, the company is not saying what's the nature of the cyberattack.

techcrunch.com/2025/07/29/t...

Sex toy maker Lovense caught leaking users' email addresses and exposing accounts to takeovers | TechCrunch A security researcher went public after the sex toy maker asked for more than a year to fix the vulnerabilities, which leak users' private email addresses and allow for accounts to be hijacked.

New by me: Sex toy maker Lovense has failed to fix two security flaws that allows anyone to reveal the email address of any other user, and takeover anyone else's account.

I verified the email disclosure bug w/ the researcher, who said they went public after Lovense claimed it needed a year to fix.

New York state cyber chief calls out Trump for cybersecurity cuts | TechCrunch The top cybersecurity official in New York told TechCrunch in an interview that Trump's budget cuts are going to put the government at risk from cyberattacks, and will put more pressure on states to s...

NEW: We spoke to Colin Ahern, the chief cyber officer for the state of New York.

He sounded the alarm after the "Big Ugly Bill" and all the Trump cuts to cybersecurity agencies and programs, and said states need Washington to be a better partner to secure its networks.

A Second Tea Breach Reveals Users’ DMs About Abortions and Cheating The more than one million messages obtained by 404 Media are as recent as last week, discuss incredibly sensitive topics, and make it trivial to unmask some anonymous Tea users.

New from 404 Media: a second data breach at Tea has exposed more than a million direct messages between users that we obtained. Discussions of abortions, cheating. The other data was older. This is as recent as *last week*. Hard to overstate how sensitive this data is www.404media.co/a-second-tea...

Allianz Life says 'majority' of customers' personal data stolen in cyberattack | TechCrunch Exclusive: Allianz Life said the "majority" of its customers and employees had data stolen in the June cyberattack. The insurance giant has more than 125 million customers worldwide.

NEW, by me: Hackers breached U.S. insurance giant Allianz Life in July and stole the "majority" of its customers' personal information. The company confirmed the breach to TechCrunch, but wouldn't provide an accurate number of affected customers. Its parent company, Allianz, has 125 million members.

Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers | TechCrunch Google has suspended the Firebase account of Catwatchful following a TechCrunch investigation. The spyware operation was caught using Google's own servers to host and run its surveillance app, which w...

New, by me: Google has shut down the account of Catwatchful, a phone spyware operation hosted on Google's own servers.

Google wouldn't say why it took a *month* after TechCrunch reached out for the company to suspend the operation, which was clearly in violation of its own customers' terms of use.

AI slop and fake reports are exhausting some security bug bounties | TechCrunch "We're getting a lot of stuff that looks like gold, but it's actually just crap,” said the founder of one security testing firm. AI-generated security vulnerability reports are already having an effec...

NEW: Security researchers are increasingly using AI to find flaws and report them to bug bounty platforms.

And just like other LLM-produced content, the reports include hallucinations. Coupled with the AI-powered increased volume of reports, this is causing problems for some bug bounty platforms.

Cybercrime forum Leak Zone publicly exposed its users' IP addresses | TechCrunch Exclusive: The popular "leaking and cracking" forum left one of its databases exposed to the internet without a password, exposing the IP addresses of its users logging in.

NEW, by me: A cybercrime forum called Leak Zone, which offers access to breached databases and stolen credentials, was found exposing the IP addresses of its logged-in users to the open web, per security researchers.

The database, now offline, was connected to the internet without a password.

Apple alerted Iranians to iPhone spyware attacks, say researchers | TechCrunch Researchers say Apple sent out threat notifications to several Iranians in recent months, saying their iPhones had been hacked. Iran is likely behind the attacks.

NEW: Apple notified several Iranians that they were targets of government spyware in the last year, according to security researchers.

Since 2021, Apple says it has notified people in 150 countries, but we don't always get to know which countries, so this is an interesting data point.

A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors Infostealer data can include passwords, email and billing addresses, and the embarrassing websites you use. Farnsworth Intelligence is selling to to divorce lawyers and other industries.

New from 404 Media: a startup is selling data hacked from peoples' computers to debt collectors, divorce lawyers, more. People already hacked, now being re-vicitmized by startup. I used the tool, found peoples' personal addresses.

“This is so gross and predatory.”

www.404media.co/a-startup-is...

UK government wants ransomware victims to report cyberattacks so it can disrupt the hackers | TechCrunch Experts applauded the proposed change, which would require ransomware victims to notify authorities when paying a hacker's ransom, arguing that this information can help catch cybercriminals and stop ...

NEW: The UK govt is moving forward with a proposal to require ransomware victims to contact law enforcement, with the goal of helping "hunt down perpetrators and disrupt their activities, allowing for better support for victims.”

Ransomware experts we spoke to believe this could make a difference.

Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day | TechCrunch The tech giants have evidence that Chinese hackers are exploiting the new bug, but warned "multiple actors" are also hacking into affected SharePoint systems.

New, by me: Google and Microsoft both say they have evidence that China-backed hackers are exploiting the new zero-day in SharePoint servers. Google notes that they've seen "multiple actors" hacking vulnerable servers, and warned of more attacks to come.

Idea fantástica!

Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry | TechCrunch The spyware maker was banned from the surveillance industry in 2021, but was caught flouting the ban less than a year later. Now the founder wants the ban lifted altogether.

New, by me: Scott Zuckerman, a spyware founder who was banned from the surveillance industry by the FTC after one of his spyware companies had a data breach, now wants the FTC to *unban* him.

Zuckerman claims the cybersecurity requirements put on him after the breach are an "unnecessary burden."

Hackers exploiting SharePoint zero-day seen targeting government agencies, say researchers | TechCrunch Thousands of SharePoint servers could be vulnerable to hackers, according to cybersecurity firms.

NEW: The hackers that have been exploiting the Microsoft SharePoint zero-day have been targeting government agencies, researchers say.

Also, different research teams are seeing more than 8,000 exposed and potentially vulnerable SharePoint servers on the internet.

techcrunch.com/2025/07/21/h...

These are our favorite cyber books on hacking, espionage, crypto, surveillance, and more | TechCrunch These are our favorite cybersecurity books, both by fiction authors, as well as journalists and researchers.

We published a reading list of our favorite cyber and cyber-adjacent books.

We're keeping it relatively broad. Books about privacy and surveillance are and will be a part of this.

This is meant to be a post to be updated regularly. If you have suggestions on what we should read next, please share!

New zero-day bug in Microsoft SharePoint under widespread attack | TechCrunch Security researchers say Microsoft customers should take immediate action to defend against the ongoing cyberattacks, and must assume they have already been compromised.

New, by me: A newly discovered zero-day bug in Microsoft SharePoint is being used to mass-hack and steal data from companies and governments around the world.

🚨 Unit42 says if you have a SharePoint server exposed to the internet, "you should assume that you have been compromised at this point."

Who could have thought that giving Israel carte blanche, and countless missiles and weapons, to carry out genocide in Gaza and bomb pretty much all its neighboring countries, would embolden Bibi even further?

Credit goes to @zackwhittaker.com on that one, I have it on my reading list.

For privacy and security, think twice before granting AI access to your personal data | TechCrunch AI chatbots, assistants and agents are increasingly asking for gross levels of access to your personal data under the guise of needing your information to make them work.

I wrote some ~weekend words~ on why you shouldn't allow AI access to your email, calendar, or any other of your most private data. This may seem obvious to some, but perhaps not to others: the privacy and security risks just aren't worth it.

Hackers are trying to steal passwords and sensitive data from users of Signal clone | TechCrunch The bug in the modified messaging app can expose users' “plaintext usernames, passwords, and other sensitive data,” per GreyNoise.

NEW: Security researchers and CISA warn that hackers are exploiting a flaw in the Signal clone TeleMessage, which could lead to them stealing "plaintext usernames, passwords, and other sensitive data."

The researcher who analyzed it said they were "in disbelief at the simplicity of this exploit."

China’s cyber sector amplifies Beijing’s hacking of U.S. targets Chinese-government hacking attacks against US targets are more serious than ever before, current and former officials said in interviews.

New from me: Chinese government-backed hackers have become even more aggressive in breaking into U.S. government networks and companies, powered by a private industry liberated to choose targets themselves. Free link with email etc. wapo.st/4kFltKM

Lookout Discovers Massistant Chinese Mobile Forensic Tooling | Threat Intel Massistant is a mobile forensics application used by law enforcement in China to collect extensive information from mobile devices.

Lookout's full report is here: www.lookout.com/threat-intel...

PSA: I am not going to Vegas this year, which to be honest I am kinda happy about.

I'm still interested in your talks and research. If you wanna chat about it, hit me up on Signal: @ LorenzoFB.1337

Call of Duty cheaters complain after Activision launches new wave of mass-bans | TechCrunch The video game giant banned an unknown number of cheaters that were using one of the oldest-running cheats.

NEW: Activision launched a mass ban wave against cheaters in Call of Duty 6: Black Ops.

It appears some of the targets were players using a cheat made by ArtificialAiming, a provider that's 19 (!!!) years old.

“It’s been a long run. GG all,” lamented a banned cheater.

Chinese authorities are using a new tool to hack seized phones and extract data | TechCrunch Researchers warned that Chinese residents, and visitors to China, should be aware of the tool's existence and the risks it poses.

NEW: Chinese authorities are using a new type of phone hacking tool to unlock and extract data from phones, according to researchers at Lookout.

Researchers warn everyone inside or traveling to China to keep this threat in mind, as authorities can force people to hand over and even unlock phone.