Tag Archive for: Repository

Slack Discloses Breach of Its Github Code Repository


Ever since Elon Musk spent $44 billion on Twitter and laid off a large percentage of the company’s staff, there have been concerns about data breaches. Now it seems a security incident that predates Musk’s takeover is causing headaches. This week, it emerged that hackers released a trove of 200 million email addresses and their links to Twitter handles, which were likely gathered between June 2021 and January 2022. The sale of the data may put anonymous Twitter accounts at risk and heap further regulatory scrutiny on the company.

WhatsApp has launched a new anti-censorship tool that it hopes will help people in Iran to avoid government-enforced blocks on the messaging platform. The company has made it possible for people to use proxies to access WhatsApp and avoid government filtering. The tool is available globally. We’ve also explained what pig-butchering scams are and how to avoid falling into their traps.

Also this week, cybersecurity firm Mandiant revealed that it has seen Russian cyberespionage group Turla using innovative new hacking tactics in Ukraine. The group, which is believed to be connected to the FSB intelligence agency, was spotted piggybacking on dormant USB infections of other hacker groups. Turla registered expired domains of years-old malware and managed to take over its command-and-control servers.  

We also reported on the continued fallout of the EncroChat hack. In June 2020, police across Europe revealed they had hacked into the encrypted EncroChat phone network and collected more than 100 million messages from its users, many of them potentially serious criminals. Now thousands of people have been jailed based on the intelligence gathered, but the bust is raising wider questions around law enforcement hacking and the future of encrypted phone networks.

But that’s not all. Each week, we round up the security stories we didn’t cover in-depth ourselves. Click on the headlines to read the full stories. And stay safe out there. 

On December 31, as millions of people were preparing for the start of 2023, Slack posted a new security update to its blog. In the post, the company says it detected a “security issue involving unauthorized access to…

Devs unknowingly use “malicious” modules snuck into official Python repository

The official repository for the widely used Python programming language has been tainted with modified code packages, a computer security authority in Slovakia warned. The authority also said the packages have been downloaded by unwitting developers who incorporated them into software over the past three months.

Multiple code packages were uploaded to the Python Package Index, often abbreviated as PyPI, and were subsequently incorporated into software multiple times from June through this month, Slovakia’s National Security Authority said in an advisory published Thursday. The unidentified people who made available the code packages gave them names that closely resembled those used for packages found in the standard Python library. The packages contained the exact same code as the upstream libraries except for an installation script, which was changed to include a “malicious (but relatively benign) code.”

“Such packages may have been downloaded by unwitting developer[s] or administrator[s] by various means, including the popular ‘pip’ utility (pip install urllib),” Thursday’s advisory stated. “There is evidence that the fake packages have indeed been downloaded and incorporated into software multiple times between June 2017 and September 2017.”

Biz & IT – Ars Technica

Straight Talk: Beware of computer ‘security checks’ – Canton Repository

The growing number of computers per household worldwide gives scammers a variety of fraud opportunities. A recent telephone scam has criminals calling every house number they can, claiming to be Microsoft technicians. They offer “free security checks.
