Cybersecurity Reporting We Can't Stop Thinking About From 2025
As 2025 draws to a close, the cybersecurity journalism landscape has delivered some truly remarkable investigations and exposés. While Gate.io focuses on blockchain and crypto security, the broader information security stories unfolding across traditional media deserve attention—we’re frankly jealous of some of the groundbreaking work other outlets have accomplished this year.
The Iranian Hacker Source Story That Reads Like a Thriller
The Atlantic’s Shane Harris delivered one of the most compelling personal accounts in recent cybersecurity reporting: his months-long correspondence with a high-ranking Iranian state-sponsored hacker. What began as skepticism evolved into something far more complex when the source revealed his real identity and detailed involvement in major operations, including the Saudi Aramco breach. Harris’s narrative doesn’t just expose the operational reality of state-sponsored hacking—it illuminates the precarious relationship between journalists and sources in the cyber world. The story provides a rare behind-the-scenes look at how cybersecurity reporters navigate trust, verification, and the human stakes behind anonymous online identities.
U.K. Government’s Secret Apple Backdoor Demand Exposed
When The Washington Post broke news of a secret British court order in January demanding Apple build encryption backdoors for iCloud access, it triggered an unprecedented diplomatic confrontation. The revelations—initially hidden by a worldwide gag order—exposed how governments are leveraging legal mechanisms to circumvent end-to-end encryption protections. Apple’s subsequent decision to discontinue encrypted cloud storage in the U.K. highlighted the collision between user privacy rights and state surveillance authority. This story exemplifies how investigative reporting can force accountability by dragging secret surveillance frameworks into public view.
Trump Administration’s OPSEC Nightmare Goes Public
The Atlantic’s Jeffrey Goldberg found himself inadvertently added to a Signal group containing senior U.S. government officials discussing military operations in real time. When Secretary of Defense Pete Hegseth confidently stated “we are currently clean on OPSEC,” he was catastrophically wrong. Goldberg’s decision to report on this extraordinary security lapse—later revealed to involve a compromised Signal alternative—sparked months of scrutiny into government communications security. The incident became a case study in how operational security failures can expose geopolitical intentions and strategic plans.
Tracing Cybercriminals From Online Handles to Real Identities
Brian Krebs’ investigation into the Scattered LAPSUS$ Hunters hacker group demonstrates the persistence required in modern cybersecurity journalism. By following digital breadcrumbs, Krebs identified a Jordanian teenager operating under the handle “Rey” and connected him with associates willing to discuss his involvement in high-profile breaches. The reporting even captured the hacker’s own account of attempting to exit the cybercriminal underworld—a rare glimpse into the psychology of organized cybercrime.
Mass Airline Surveillance Program Dismantled After Investigation
404 Media’s reporting on the Airlines Reporting Corporation exposed a staggering surveillance infrastructure: a system selling access to five billion flight records to federal agencies including ICE and the IRS without warrant requirements. The investigation succeeded where traditional advocacy had stalled—after intense pressure from lawmakers following the exposé, ARC announced it would shut down the warrantless data program. This represents one of 2025’s most impactful examples of investigative journalism directly dismantling government surveillance capabilities.
3D-Printed Weaponry and Legal Ambiguity
Following the UnitedHealthcare executive killing and Luigi Mangione’s arrest on charges involving a “ghost gun,” Wired undertook its own investigation into the ease and legality of manufacturing 3D-printed firearms. The reporting navigated complex legal and ethical terrain while testing what ordinary individuals could accomplish with available technology. The accompanying video documentation made the technical accessibility of untracked weaponry viscerally clear.
Federal Whistleblower Reveals Security Breaches and Intimidation
NPR’s coverage of DOGE (Department of Government Efficiency) included reporting on a National Labor Relations Board IT employee who disclosed threats he received while investigating data security concerns. The whistleblower’s account—including threatening letters containing personal surveillance information—underscores the human cost of institutional resistance to government data access demands.
Exposed Surveillance Dataset Reveals Global Tracking Infrastructure
Mother Jones’ Gabriel Geiger uncovered a dataset from the surveillance company First Wap containing phone location records spanning 2007-2015. The records identified dozens of high-profile targets whose movements had been monitored, including former government officials and private military figures. The investigation exposed the vulnerability of telecommunications infrastructure to exploitation through SS7 protocol weaknesses.
Swatting Crisis Reaches Critical Scale
Wired’s investigation into coordinated swatting attacks on hundreds of schools nationwide documented how what began as trolling has evolved into organized, lethal threats. Profiling the prolific swatter “Torswats” and the operators forced to manage these hoaxes, the reporting humanized an often-abstracted security threat while chronicling the efforts of vigilante hackers attempting to stop perpetrators.
These stories remind us why independent cybersecurity journalism matters. While blockchain security requires its own specialized coverage, the broader information security landscape continues producing investigations that expose government overreach, corporate vulnerability, and systemic failures. We’re jealous of the resourcefulness these journalists demonstrated in 2025.