It’s the end of the year. That means it’s time for us to celebrate the best cybersecurity stories we didn’t publish. Since 2023, TechCrunch has looked back at the best stories across the board from the year in cybersecurity.

If you’re not familiar, the idea is simple. There are now dozens of journalists who cover cybersecurity in the English language. There are a lot of stories about cybersecurity, privacy, and surveillance that are published every week. And a lot of them are great, and you should read them. We’re here to recommend the ones we liked the most, so keep in mind that it’s a very subjective and, at the end of the day, incomplete list.

Anyway, let’s get into it. — Lorenzo Franceschi-Bicchierai.

Shane Harris described how he cultivated a senior Iranian hacker as a source, who was then killed

Every once in a while, there’s a hacker story that, as soon as you start reading, you think could be a movie or a TV show. This is the case with Shane Harris’ very personal tale of his months-long correspondence with a top Iranian hacker.

In 2016, The Atlantic’s journalist made contact with a person claiming to work as a hacker for Iran’s intelligence, where he claimed to have worked on major operations, such as the downing of an American drone and the now-infamous hack against oil giant Saudi Aramco, where Iranian hackers wiped the company’s computers. Harris was rightly skeptical, but as he kept talking to the hacker, who eventually revealed his real name to him, Harris started to believe him. When the hacker died, Harris was able to piece together the real story, which somehow turned out to be more incredible than the hacker had led Harris to believe.

The gripping story is also a great behind-the-scenes look at the challenges cybersecurity reporters face when dealing with sources claiming to have great stories to share.

The Washington Post revealed a secret order demanding Apple let U.K. officials spy on users’ encrypted data

In January, the U.K. government secretly issued Apple with a court order demanding that the company build a backdoor so police can access iCloud data of any customer in the world. Due to a worldwide gag order, it was only because The Washington Post broke the news that we learned the order existed to begin with. The demand was the first of its kind, and — if successful — would be a major defeat for tech giants who have spent the past decade locking themselves out of their users’ own data so they can’t be compelled to provide it to governments.

Apple subsequently stopped offering its opt-in end-to-end encrypted cloud storage to its customers in the U.K. in response to the demand. But once the news broke, the secret order was thrust into the public eye, which allowed both Apple and critics to scrutinize U.K. surveillance powers in a way that hasn’t been tested in public before. The story sparked a months-long diplomatic row between the U.K. and the United States, prompting Downing Street to drop the request — only to try again several months later.

‘The Trump Administration accidentally texted me its war plans’ by The Atlantic is this year’s best headline

This story was the sort of fly-on-the-wall access that some reporters would dream of, but The Atlantic’s editor-in-chief got to play it out in real time after he was unwittingly added to a Signal group of senior U.S. government officials by a senior U.S. government official discussing war plans from their cell phones.

“We are currently clean on OPSEC,” said Secretary of Defense Pete Hegseth. They were not. (Image credit: The Atlantic, screenshot)

Reading the discussion about where U.S. military forces should drop bombs — and then seeing news reports of missiles hitting the ground on the other side of the world — was the confirmation Jeffrey Goldberg needed to know that he was, as he suspected, in a real chat with real Trump administration officials, and this was all on-the-record and reportable.

And so he did, paving the way for a months-long investigation (and critique) of the government’s operational security practices, in what was called the biggest government opsec mistake in history. The unraveling of the situation ultimately exposed security lapses involving the use of a knock-off Signal clone that further jeopardized the government’s ostensibly secure communications.

Brian Krebs tracked down a prolific hacker group admin as a Jordanian teenager

Brian Krebs is one of the more veteran cybersecurity reporters out there, and for years he has specialized in following online breadcrumbs that lead to him revealing the identity of notorious cybercriminals. In this case, Krebs was able to find the real identity behind a hacker’s online handle Rey, who is part of the notorious advanced persistent teenagers’ cybercrime group that calls itself Scattered LAPSUS$ Hunters.

Krebs’ quest was so successful that he was able to talk to a person very close to the hacker — we won’t spoil the whole a