On Wednesday, August 23, Yevgeny Prigozhin, the head of the Russian mercenary outfit Wagner Group, was killed after his plane exploded and fell from the sky. While the details of exactly what happened are still scarce, open source information has helped to fill in the gaps.

To investigate technology, you need to be able to inspect it. Researchers and journalists have found clever ways to scrutinize Big Tech in the past, but these kinds of digital investigations are becoming increasingly more difficult. Surya Mattu, a data journalist who leads Princeton University’s Digital Witness Lab, makes the case for an inspectability API.

A mysterious group of hackers has pulled off a new supply chain attack. The hackers hijacked software updates of a particular piece of security software and injected malware that targeted 100 computers across Asia. Because most of the attack’s victims were based in Hong Kong, researchers say China-linked hackers may be the culprits.

The ever-tumultuous world of US politics shuddered this week as former president Donald Trump was booked in Georgia over charges related to his attempts to overturn the 2020 presidential election results in the state. We took a deep dive into the reasons why this indictment is both dangerous and necessary for America's future. And we detailed why it matters that he got his mug shot taken.

In other news, we spoke to Alex Pall of The Chainsmokers about why he’s been partying with (and investing in) niche cybersecurity companies. Lastly, some news you can use: We ranked the most popular digital abortion clinics according to their data privacy practices, and here’s some advice for how to talk to your kids about social media and mental health.

That’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click on the headlines to read the full stories. And stay safe out there.

A breakout investigation published by the worker-owned tech outlet 404 Media, which launched this week, uncovered a terrifying new tool that criminals are using to gain access to the personal data of nearly any adult in the United States. The “secret weapon,” which is not named in the piece, is a telegram bot that can, within minutes, provide a criminal with virtually any American’s address, birth date, phone number, email, and occasionally even their Social Security number.

According to the report, the tool retrieves sensitive data by taking advantage of unauthorized access to third-party data brokers who can access the sensitive information from credit bureaus such as Experian, Equifax, and TransUnion.

The majority of the adult population has their personal information collected and stored by credit bureaus, which accumulate massive amounts of data in order to monitor credit scores. The credit bureaus sell access to some of this data to third-party companies which, in turn, resell it to people like private investigators or real estate investors. A criminal who has gained access to one of these companies, in effect, can dox nearly any American with a credit card. This appears to be what has happened, according to the report.