Graham Cluley
@grahamcluley.com
Award-winning #cybersecurity and #AI keynote speaker, writer, podcaster | Host of @smashingsecurity.com podcast.

❤️ #DoctorWho, #Beatles, #Chess

He/him

🌐 https://grahamcluley.com
🎙️ https://www.smashingsecurity.com
Cybersecurity in freefall! More data stolen from European Space Agency by hackers. The high profile of organisations that work in outer space means that they are common targets for both bug hunters and malicious hackers alike.

Read more on the Bitdefender blog: www.bitdefender.com/en-us/blog/h...
European Space Agency's cybersecurity in freefall as yet another breach exposes spacecraft and mission data
It has just been a few weeks since we reported on the Christmas cyber attack suffered by the European Space Agency (ESA), and the situation has already become worse.
www.bitdefender.com
January 22, 2026 at 11:18 AM
Ray [REDACTED] is my guest on ep 451 of the "Smashing Security" podcast, where we discuss a hack of the US Supreme Court that took an unusual twist

PLUS a CREEPY flaw that lets attackers hijack wireless headphones, listen to calls, inject audio, and even turn your earbuds into a stalking device
January 22, 2026 at 12:50 AM
At Davos a new social media platform was revealed - "W" (as in the one before "X") says it aims to counter misinformation, have properly verified users, will be hosted on European 🇪🇺 servers, and have zero bots.

What do you think? Are they joining the game too late? Would you sign up?
January 21, 2026 at 8:39 PM
Shields up! The UK's NCSC has warned that Russia-linked hacktivist gangs are targeting organisations and UK critical infrastructure with DDoS attacks.

The attacks are believed to not be financially motivated - but are instead driven by ideology "over perceived Western support for Ukraine."
Pro-Russian denial-of-service attacks target UK, NCSC warns
The UK's National Cyber Security Centre (NCSC) has issued a warning about the threat posed by distributed denial-of-service (DDoS) attacks from Russia-linked hacking groups who are reported to be...
www.bitdefender.com
January 21, 2026 at 10:59 AM
"Will this be the year that it finally happens?" asks @theromanoreport.bsky.social
January 20, 2026 at 9:58 AM
Reposted by Graham Cluley
Another great episode of @smashingsecurity.com

I love it when angry @grahamcluley.com makes an appearance, and he is (rightfully) angry about xAI’s lack of response (and lack of guardrails) to people creating non-consensual sexualized images of women and children using Grok.
From Instagram panic to Grok gone wild
Podcast Episode · Smashing Security · 01/15/2026 · 34m
podcasts.apple.com
January 16, 2026 at 5:35 PM
Ok, so tens of thousands of users can't get on Twitter... but just think of how many millions of bots are suffering right now!!

www.bbc.co.uk/news/live/cp...

#twitter #x
January 16, 2026 at 4:19 PM
We can no longer say that artificial intelligence is a "future risk", lurking on a speculative threat horizon. The truth is that it is a fast-growing cybersecurity risk that firms are facing right now.

That's not just my opinion, it's also the World Economic Forum's.

www.fortra.com/blog/wef-ai-...
January 15, 2026 at 5:09 PM
Monica Verma joins me on episode 450 of the "Smashing Security" podcast, where we explore the spiral of confusion caused by claims 17.5 million Instagram accounts were up for sale, and reports of unrequested password reset emails.

open.spotify.com/episode/6k95...
January 15, 2026 at 2:32 PM
Reposted by Graham Cluley
Ah yes, the reverse Kaspersky...
Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say – Reuters: ‘Chinese authorities expressed concern that the software could collect and transmit confidential information abroad, said the sources’
Exclusive: Beijing tells Chinese firms to stop using US, Israeli cybersecurity software, sources say
Chinese authorities have told domestic companies to stop using cybersecurity software made by roughly a dozen firms from the U.S. and Israel due to national security concerns, two people briefed on th...
www.reuters.com
January 14, 2026 at 11:35 AM
Reposted by Graham Cluley
The home of Hannah Natanson, a Washington Post reporter, was searched by the FBI. Her devices were seized. I spoke to @columjournreview.bsky.social about the potential damage and what news organizations need to know. www.cjr.org/news/hannah-...
The home of Hannah Natanson, a Washington Post reporter, was searched by the FBI. Her devices were seized. Runa Sandvik, whose life’s work is protecting journalists’ digital security, assesses the dam...
www.cjr.org
January 14, 2026 at 11:01 PM
Have you ever stolen data, traded a hacking tool, or just lurked on a dark web forum believing that you are anonymous? If so, I might have some unsettling news for you - because the BreachForums database has been breached.

Read more: www.bitdefender.com/en-us/blog/h...
Hackers get hacked, as BreachForums database is leaked
Have you ever stolen data, traded a hacking tool, or just lurked on a dark web forum believing that you are anonymous? If so, I might have some unsettling news for you - because, on January 9 2026, i...
www.bitdefender.com
January 13, 2026 at 6:22 PM
pcTattletale was one of those spyware outfits that insisted it sold perfectly legitimate "employee" and "child monitoring" software - while loudly marketing how it could be used to spy on partners without their knowledge. What could possibly go wrong?
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges - marking one of the few successful US prosecutions of a st...
www.bitdefender.com
January 9, 2026 at 2:56 PM
Reposted by Graham Cluley
Huge thanks to @hacks4pancakes.com for joining us on our latest podcast, where we discuss a romance scammer's handbook for stealing dollars (and hearts), and chat about the cybersecurity career crisis.

Plus don't miss our featured interview with ThreatLocker founder Danny Jenkins!
January 8, 2026 at 7:15 PM
"Although not the app I just posted this on, obviously..."
January 7, 2026 at 11:43 AM
I don't understand how the UK govt (and indeed many firms) can continue to maintain a presence on Musk's piss-palace.

Their continued association with Twitter is an endorsement of a site that behaves in a disgusting, degrading way, and has been churning out sexualised images of real women and girls
The government says it has to stay on X because it’s where 10.8 million British families get their news. How’s that working out?

www.thenewworld.co.uk/rats-in-a-sa...
January 7, 2026 at 10:36 AM
Remember when Coinbase said its support staff had been bribed to hand over customer records, leading to hackers demanding a $20 million ransom or 70,000 customers' data would be leaked?

A Coinbase customer support agent has been arrested in India.

www.bitdefender.com/en-us/blog/h...
Coinbase insider who sold customer data to criminals arrested in India
Police in India have arrested a former Coinbase customer service agent who is believed to have been bribed by cybercriminal gangs to access sensitive customer information.
www.bitdefender.com
January 6, 2026 at 8:43 AM
In entirely predictable news, it has been found that portions of the newly-released Jeffrey Epstein files - intended to be redacted - can be effectively *UN-redacted* by using simple techniques... including highlighting text and pasting it into a word processor!! 🤦‍♂️

www.theguardian.com/us-news/2025...
Some Epstein file redactions are being undone with hacks
Un-redacted text from released documents began circulating on social media on Monday evening
www.theguardian.com
December 24, 2025 at 10:28 AM
Is Santa Claus real? 🎅 This Christmas special of "The AI Fix podcast" sets out to answer that question in the most sensible way possible: by consulting chatbots, Google's festive killjoys, and the laws of relativistic physics.

grahamcluley.com/the-ai-fix-8...
The AI Fix #82: Santa Claus doesn’t exist (according to AI)
Is Santa Claus real? This Christmas special of The AI Fix podcast sets out to answer that question in the most sensible way possible: by consulting chatbots, Google’s festive killjoys, and the laws of...
grahamcluley.com
December 23, 2025 at 3:38 PM
📚Think your Kindle is harmless? Think again! @dannypalmer.bsky.social and I unpack how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account - in the latest episode of the "Smashing Security" podcast

grahamcluley.com/smashing-sec...
Smashing Security podcast #448: The Kindle that got pwned
Think your Kindle is harmless? Think again! In this episode, we unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader – potentially letting an…
grahamcluley.com
December 18, 2025 at 5:03 PM
Ahoy! 👨‍✈️ A cruise line firm has banned the use of smart glasses (like Meta Ray-Bans and Google Glass) onboard in public areas. And apparently some people aren't happy about it!

www.bitdefender.com/en-us/blog/h...
Surveillance at sea: Cruise firm bans smart glasses to curb covert recording
If you're planning a cruise for your holidays, and cannot bear the idea of being parted from your Ray-Ban Meta smart glasses, you may want to avoid sailing with MSC Cruises.
www.bitdefender.com
December 17, 2025 at 1:43 PM
A 49-year-old man has been jailed for 5½ years after admitting to creating detailed video tutorials that showed members of a criminal gang how to infect Android phones with spyware and drain bank accounts.

Read more in my article on the Bitdefender blog:

www.bitdefender.com/en-us/blog/h...
Man jailed for teaching criminals how to use malware
Regular readers of Hot for Security will have read plenty of articles about cybercriminals who have created malware, or malicious hackers who have used malware to infect the systems of victims.
www.bitdefender.com
December 15, 2025 at 10:30 AM
Reposted by Graham Cluley
I keep having to justify why I want to go to conferences outside the USA and the simple answer is "Many of the people it would be helpful to talk to are no longer able to enter the USA"
December 10, 2025 at 7:49 AM
A security researcher has found a vulnerability on a photo booth company’s website.

A tiny flaw... as in anyone on the internet could browse and download customers of Hama Film’s booths’ photos and videos by exploiting the simple flaw.

🤦‍♂️
December 14, 2025 at 9:40 PM
Agentic AI browsers introduce serious new security risks and should be blocked "for the foreseeable future." That's the opinion of a new report from analyst firm Gartner.

What do you think? Would you trust an AI browser inside your company?

www.fortra.com/blog/gartner...
Gartner Tells Businesses to Block AI Browsers Now
Gartner has warned that Agentic AI browsers introduce serious new security risks and should be blocked "for the foreseeable future."
www.fortra.com
December 12, 2025 at 12:56 PM