SecureDrop
-
SecureDrop Inbox 1.3.0 is now available!
This release adds a label to show the number of selected sources, disables downloading of files in offline mode, and updates a number of dependencies.
-
SecureDrop Workstation 1.7.0 has been released!
This is a Qubes 4.3-only release, and takes advantage of some of its new features to provide a more robust and secure way for journalists to review submissions.
https://securedrop.org/news/securedrop-workstation-1_7_0-released
-
SecureDrop Inbox 1.2.0 is now available! This release increases the number of results returned by search, improves file handling and sync performance, and carries out other internal cleanup.
-
SecureDrop Inbox 1.1.0 is now available!
This version fixes a number of small issues that didn’t make it into the previous release.
-
The inaugural release of SecureDrop Inbox is now available! 🎉
The Inbox is a full rewrite of our client, and includes many new features and performance improvements for journalists.
-
SecureDrop 2.15.1 is now available, improving memory management while handling APIv2 requests, and fixing an issue with restoring backups without transferring over the network:
-
SecureDrop 2.15.0 is now available, which enables the updated API needed for the upcoming SecureDrop Inbox.
-
SecureDrop Client 0.17.5 has been released to address a low-priority security issue. Exploiting this vulnerability would require a compromised server, and we are not aware of any exploits in the wild.
https://securedrop.org/news/securedrop-client-0_17_5-released
-
This is the result of work begun by the SecureDrop team in July 2025 to completely overhaul how journalists process submissions. SecureDrop Workstation users will receive it automatically during a system update in the next few weeks.
-
SecureDrop Inbox, the new window into the SecureDrop Workstation, has been rewritten from the ground up to replace the previous client application for existing journalist users.
Improving upon the core functionality, it also includes bug fixes, speed improvements, and a range of new features.
https://securedrop.org/news/new-features-in-securedrop-inbox/
-
SecureDrop Workstation 1.5.2 has been released, as well as SecureDrop Client 0.17.4.
This update contains multiple security fixes, all of which are low or informational priority. We are not aware of any exploitation in the wild for any vulnerability.
https://securedrop.org/news/securedrop-workstation-1_5_2-released/
-
SecureDrop 2.14.0 has been released. This release ensures KeePassXC remains installed on Tails. It also lays groundwork for the upcoming SecureDrop App.
-
SecureDrop Client 0.17.2 has been released! This release addresses potential undefined behavior in a dependency.
https://securedrop.org/news/securedrop-client-0_17_2-released/
-
What does it take to make web applications auditable?
Here's why reproducibility matters, and how WEBCAT—a framework for signing and verifying web applications—approaches the problem in practice.
https://securedrop.org/news/webcat-towards-auditable-web-application-runtimes/
-
Journalists are increasingly relying on insider sources, and protecting those sources is more important than ever.
Here's how SecureDrop is rising to the challenge, safeguarding whistleblowers’ anonymity against ever-evolving threats.
-
SecureDrop Workstation 1.5.1 has been released! This minor fix addresses a Tails config location change found in version 2.13.0 of the SecureDrop server.
https://securedrop.org/news/securedrop-workstation-1_5_1-released/
-
SecureDrop 2.13.0 is now available. This release primarily provides the securedrop-admin tool as a Debian package within Tails, and prepares for future availability of the securedrop-admin utility on Qubes OS.
-
SecureDrop Client 0.17.1 has been released! This release addresses a low-impact, high-complexity denial-of-service issue:
https://securedrop.org/news/securedrop-client-0_17_1-released/
-
SecureDrop is building the next generation of anonymity tools for whistleblowers. SecureDrop software engineer Cory Myers and ETH Zurich researcher Felix Linker gave a talk in Montreal earlier this month about our new, custom messaging protocol:
-
SecureDrop Workstation 1.5.0 has been released! This version simplifies the installation process by allowing you to install a bootstrap package from the Qubes-Contrib repo, and removes the remaining dependencies on Whonix.
https://securedrop.org/news/securedrop-workstation-1_5_0-released/
-
SecureDrop 2.12.10 has been released. This is a Journalist and Admin Workstation-only release, which adds support for the recent Tails 7 version.
-
SecureDrop Workstation 1.4.0 has been released! This version integrates Tor directly in the sd-proxy VM instead of using Whonix, and fixes an issue that prevented USB devices from automatically attaching.
https://securedrop.org/news/securedrop-workstation-1_4_0-released
-
SecureDrop users, we have heard your requests for an updated support experience! We are now providing support directly via Signal, and will be completing a migration away from Redmine on Nov. 3, 2025
https://securedrop.org/news/changing-how-we-deliver-support/
-
SecureDrop Workstation 1.3.0 has been released! This version allows users to import credentials during setup, and updates the Fedora base template to version 42, which re-enables SELinux.
https://securedrop.org/news/securedrop-workstation-1_3_0-released
-
SecureDrop 2.12.9 has been released. This version disables upgrades from Ubuntu Focal to Noble, and updates Tor Browser safety-level guidance in the Source Interface.
If your SecureDrop is still running Ubuntu Focal, please contact us for assistance in reinstalling with Ubuntu Noble.
-
Usually anything related to setting up and configuring printers gets a bad rap, but recently, the SecureDrop Workstation moved to a "just-works" printing approach.
Read how we did it: https://securedrop.org/news/implementing-just-works-printing-in-securedrop-workstation/
-
Looking for a gift this holiday season, but also want to support our work? We got you!
New short-run shirt and cap available, grab them before they're gone.
-
Come join the SecureDrop team! We have a 20-hour/week contractor role available for a Technical Support Specialist - successful applicants will work with news orgs worldwide to support the deployment and use of SecureDrop and the new SecureDrop Workstation.
More details here: https://freedom.press/careers/job/?gh_jid=4471699005