This week's Surveillance Report covers WhatsApp's massive phone number enumeration flaw that exposed 3.5 billion users' data through poor rate limiting - potentially the largest data exposure in history. I also examine Google's new Android sideloading restrictions threatening open app distribution, the EU's concerning Digital Omnibus proposal that could significantly weaken GDPR protections, and disturbing attempts in Wisconsin and Michigan to ban VPN usage under the guise of age verification.
Episode Sources
Highlight
- https://www.wired.com/story/a-simple-whatsapp-security-flaw-exposed-billions-phone-numbers/
- https://support.signal.org/hc/en-us/articles/6712070553754-Phone-Number-Privacy-and-Usernames
Google's "Sideloading" Saga
- https://arstechnica.com/gadgets/2025/08/google-will-block-sideloading-of-unverified-android-apps-starting-next-year/
- https://arstechnica.com/gadgets/2025/09/f-droid-calls-for-regulators-to-stop-googles-crackdown-on-sideloading/
- https://f-droid.org/en/2025/09/29/google-developer-registration-decree.html
- https://www.androidauthority.com/android-power-users-install-unverified-apps-3615310/
Chat Control
- https://digitalcourage.social/@echo_pbreyer/115552705437735549
- https://digitalcourage.social/@echo_pbreyer/115571721648039969
- https://digitalcourage.social/@echo_pbreyer/115575902901048016
- https://www.patrick-breyer.de/en/eu-chat-control-proposal-still-poses-high-risks-despite-removal-of-mandatory-scanning-experts-warn/
- https://www.mullvad.net/en/blog/2025/11/14/mullvad-vpn-present-and-then/
- https://fightchatcontrol.eu/
Digital Omnibus
- https://noyb.eu/en/eu-commission-about-wreck-core-principles-gdpr
- https://edri.org/our-work/forthcoming-digital-omnibus-would-mark-point-of-no-return/
Cookie Crumble
WhatsApp Interoperability
Wisconsin's VPN Ban
Cloudflare Outage
- https://www.bleepingcomputer.com/news/technology/cloudflare-hit-by-outage-affecting-global-network-services/
- https://blog.cloudflare.com/18-november-2025-outage/
Data Breaches & Updates
- https://www.caranddriver.com/news/a69384313/hyundai-data-breach-details/
- https://nerds.xyz/2025/11/logitech-cybersecurity-incident-zero-day/
- https://www.bleepingcomputer.com/news/security/jaguar-land-rover-cyberattack-cost-the-company-over-220-million/
- https://www.bleepingcomputer.com/news/security/pennsylvania-ag-confirms-data-breach-after-inc-ransom-attack/
- https://www.bleepingcomputer.com/news/security/doordash-email-spoofing-vulnerability-sparks-messy-disclosure-dispute/
- https://www.bleepingcomputer.com/news/security/princeton-university-discloses-data-breach-affecting-donors-alumni/
- https://www.404media.co/ai-porn-secret-desires-chatbot-face-swap/
- https://blog.mozilla.org/en/firefox/ai-window/
- https://nerds.xyz/2025/11/firefox-145-better-privacy-pdf-notes/
- https://blog.mozilla.org/en/firefox/tab-groups-updates/
- https://www.blender.org/download/releases/5-0/
- https://blog.torproject.org/new-release-tails-7_2/
- https://blog.torproject.org/new-release-tor-browser-1502/
- https://novacustom.com/product/shiftphone-8-1-with-iodeos/?wcmlc=USD&reloaded=1
- https://www.bleepingcomputer.com/news/security/google-fixes-new-chrome-zero-day-flaw-exploited-in-attacks/
- https://www.bleepingcomputer.com/news/software/thunderbird-adds-native-support-for-microsoft-exchange-accounts/