As the year concludes, it's a tradition to reflect on the most impactful stories that shaped the cybersecurity landscape. While our own team at TechCrunch works tirelessly to break news, we also admire the exceptional investigative journalism from our peers. This year, we're highlighting the top cybersecurity and privacy stories of 2025 that we wished we had published ourselves – a subjective yet essential list of must-reads for anyone interested in digital security and its far-reaching implications.

The Atlantic: Shane Harris's Gripping Account of a Slain Iranian Hacker Source

Some stories are so extraordinary they feel destined for the screen, and Shane Harris's deeply personal narrative in The Atlantic is one such tale. Harris meticulously documented his months-long correspondence with a high-ranking Iranian hacker who claimed to have worked on major operations, including the downing of an American drone and the infamous Saudi Aramco hack. Initially skeptical, Harris gradually built trust with the source, who eventually revealed his true identity. The hacker's subsequent death allowed Harris to piece together an even more incredible true story, offering a rare, behind-the-scenes look at the complex challenges cybersecurity reporters face when cultivating sensitive sources.

The Washington Post: Exposing the UK's Secret Demand for an Apple Backdoor

In a bombshell report, The Washington Post revealed a secret court order issued by the UK government in January, demanding that Apple create a backdoor to allow police access to the iCloud data of any customer worldwide. This unprecedented demand, initially hidden by a global gag order, aimed to compel tech giants to compromise user encryption, the focus of a decade-long battle for privacy advocates. In response, Apple ceased offering opt-in end-to-end encrypted cloud storage to its UK users. The Post's exposé ignited public debate and a months-long diplomatic row between the UK and the US, ultimately leading Downing Street to withdraw the request, though it reportedly attempted it again later in the year.

The Atlantic: "The Trump Administration Accidentally Texted Me Its War Plans" — A Headline for the Ages

This Atlantic story delivered the kind of "fly-on-the-wall" access reporters dream of. The publication's editor-in-chief, Jeffrey Goldberg, was inadvertently added to a Signal group chat by a senior U.S. government official, where top Trump administration officials were discussing sensitive war plans from their personal phones. Witnessing discussions about military operations unfold in real time, followed by news reports of missile strikes, confirmed the authenticity of the chat. This led to a months-long investigation and critique of the government's operational security (OPSEC) practices, exposing what many called the biggest government OPSEC mistake in history. The unraveling revealed security lapses, including the use of a knock-off Signal clone, further compromising secure communications.

[Image: a screenshot from the leaked Signal chat, which reads (from Pete Hegseth): "MORE TO FOLLOW (per timeline) We are currently clean on OPSEC. Godspeed to our Warriors." Then, JD Vance follows: "I will say a prayer for victory."]
"We are currently clean on OPSEC," said Secretary of Defense Pete Hegseth. They were not. Image Credit: The Atlantic (Screenshot)

KrebsOnSecurity: Brian Krebs Unmasks a Prolific Hacker Group Admin as a Jordanian Teenager

Veteran cybersecurity reporter Brian Krebs once again demonstrated his unparalleled skill in tracing online breadcrumbs to expose notorious cybercriminals. In a remarkable investigation, Krebs successfully identified the real person behind the online handle "Rey," an administrator of the "Scattered LAPSUS$ Hunters," a group described as "advanced persistent teenagers." Krebs's relentless pursuit led him to a close associate of the hacker and eventually to Rey himself, a Jordanian teenager who confessed to his crimes and expressed a desire to leave the cybercriminal life behind. This story is a testament to the power of persistent investigative reporting in the fight against cybercrime.

404 Media: Reporting Leads to Shutdown of Program Selling Billions of Flight Records to Government

Independent media outlet 404 Media made significant waves this year with its impactful journalism, outperforming many larger, more resourced mainstream outlets. One of their most substantial victories was exposing and effectively shutting down a vast air travel surveillance system. 404 Media's investigation revealed that the Airlines Reporting Corporation (ARC), a little-known data broker established by the airline industry and owned by major carriers like United, American, and Delta, was selling access to five billion plane tickets and travel itineraries. This data, including names and financial details of ordinary Americans, allowed government agencies such as ICE, the State Department, and the IRS to track individuals without warrants. Following 404 Media's months-long reporting and intense pressure from lawmakers, ARC announced it would discontinue the warrantless data program.

Wired: Building a "Ghost Gun" to Test Legalities After a High-Profile Killing

The December 2024 killing of UnitedHealthcare CEO Brian Thompson, allegedly by Luigi Mangione using a "ghost gun," became one of the year's biggest stories. A ghost gun is a 3D-printed firearm lacking serial numbers, built privately without background checks, and thus untraceable by authorities. Leveraging its prior experience with 3D-printed weaponry, Wired undertook an investigation to determine the ease of constructing such a weapon while navigating the complex legal and ethical landscape. The resulting report, exquisitely detailed and accompanied by an excellent yet chilling video, highlighted the significant challenges posed by these untraceable firearms.