Graham Cluley
@grahamcluley.com
Award-winning #cybersecurity and #AI keynote speaker, writer, podcaster | Host of @theaifix.show and @smashingsecurity.com podcasts
❤️ #DoctorWho, #Beatles, #Chess
🌐 https://grahamcluley.com
🎙️ https://theaifix.show
🎙️ https://www.smashingsecurity.com
❤️ #DoctorWho, #Beatles, #Chess
🌐 https://grahamcluley.com
🎙️ https://theaifix.show
🎙️ https://www.smashingsecurity.com
Great to have @danraywood.bsky.social on the "Smashing Security" podcast!
We discussed how America’s broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts.
We discussed how America’s broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts.
November 27, 2025 at 10:02 AM
Great to have @danraywood.bsky.social on the "Smashing Security" podcast!
We discussed how America’s broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts.
We discussed how America’s broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts.
The WORST advert for an AI app yet!
What hell have we created that means apps like 2wai are considered acceptable and (presumably) finding customers?
And what happens when years after your mom/grandmom has passed away you still find yourself unable to cancel the subscription...
What hell have we created that means apps like 2wai are considered acceptable and (presumably) finding customers?
And what happens when years after your mom/grandmom has passed away you still find yourself unable to cancel the subscription...
November 26, 2025 at 12:06 PM
The WORST advert for an AI app yet!
What hell have we created that means apps like 2wai are considered acceptable and (presumably) finding customers?
And what happens when years after your mom/grandmom has passed away you still find yourself unable to cancel the subscription...
What hell have we created that means apps like 2wai are considered acceptable and (presumably) finding customers?
And what happens when years after your mom/grandmom has passed away you still find yourself unable to cancel the subscription...
After crime-fighting agencies disrupted three major malware platforms (the Rhadamanthys infostealer, VenomRAT remote access trojan, and Elysium botnet) earlier this month, they released a video.
Lovely work by Europol et al.
www.bitdefender.com/en-us/blog/h...
Lovely work by Europol et al.
www.bitdefender.com/en-us/blog/h...
November 24, 2025 at 9:28 AM
After crime-fighting agencies disrupted three major malware platforms (the Rhadamanthys infostealer, VenomRAT remote access trojan, and Elysium botnet) earlier this month, they released a video.
Lovely work by Europol et al.
www.bitdefender.com/en-us/blog/h...
Lovely work by Europol et al.
www.bitdefender.com/en-us/blog/h...
Fab to have Tricia Howard as a special guest on the latest "Smashing Security" podcast where we discussed the firm that has actually said "sorry" after a data breach, and how hotels are helping hackers phish their own guests.
November 20, 2025 at 5:07 PM
Fab to have Tricia Howard as a special guest on the latest "Smashing Security" podcast where we discussed the firm that has actually said "sorry" after a data breach, and how hotels are helping hackers phish their own guests.
Workers escaping from a scam compound in Bavet, Cambodia.
Worth remembering that there are many victims of the scammers...
#cybersecurity #scam #cybercrime
Worth remembering that there are many victims of the scammers...
#cybersecurity #scam #cybercrime
November 17, 2025 at 1:15 PM
Workers escaping from a scam compound in Bavet, Cambodia.
Worth remembering that there are many victims of the scammers...
#cybersecurity #scam #cybercrime
Worth remembering that there are many victims of the scammers...
#cybersecurity #scam #cybercrime
... is donating the ransom amount to Carnegie Mellon University and the University of Oxford Cyber Security Centre "to support their research in the fight against cybercrime."
Full details: www.checkout.com/blog/protect...
Full details: www.checkout.com/blog/protect...
November 13, 2025 at 8:37 PM
... is donating the ransom amount to Carnegie Mellon University and the University of Oxford Cyber Security Centre "to support their research in the fight against cybercrime."
Full details: www.checkout.com/blog/protect...
Full details: www.checkout.com/blog/protect...
❤️ I LOVE THIS! Kudos to Checkout⋅com, which received a ransom demand from the ShinyHunters hacking group 👏
Not only did Checkout's CTO Mariano Albera say "sorry"how refreshing, a hacked company that actually apologises! - but it is also refusing to pay the ransom to the hackers and *instead*... 1/2
Not only did Checkout's CTO Mariano Albera say "sorry"how refreshing, a hacked company that actually apologises! - but it is also refusing to pay the ransom to the hackers and *instead*... 1/2
November 13, 2025 at 8:37 PM
❤️ I LOVE THIS! Kudos to Checkout⋅com, which received a ransom demand from the ShinyHunters hacking group 👏
Not only did Checkout's CTO Mariano Albera say "sorry"how refreshing, a hacked company that actually apologises! - but it is also refusing to pay the ransom to the hackers and *instead*... 1/2
Not only did Checkout's CTO Mariano Albera say "sorry"how refreshing, a hacked company that actually apologises! - but it is also refusing to pay the ransom to the hackers and *instead*... 1/2
🚨 SNAFUAT: Situation normal: all f***ed up at Twitter.
Users reporting that they have been locked out of the toxic hellpit, after a mandatory security key migration went badly wrong.
Users reporting that they have been locked out of the toxic hellpit, after a mandatory security key migration went badly wrong.
November 12, 2025 at 8:17 PM
🚨 SNAFUAT: Situation normal: all f***ed up at Twitter.
Users reporting that they have been locked out of the toxic hellpit, after a mandatory security key migration went badly wrong.
Users reporting that they have been locked out of the toxic hellpit, after a mandatory security key migration went badly wrong.
Proof positive that companies are covering up the capabilities of their robots...
November 12, 2025 at 10:48 AM
Proof positive that companies are covering up the capabilities of their robots...
Yesterday morning, the IT team of Dutch broadcaster RTV Noord found that they had been hacked.
TV shows, radio shows, and digital services were disrupted. To keep the radio show "De Ochtendploeg" on air, for instance, presenters resorted to manually played vinyl records.
TV shows, radio shows, and digital services were disrupted. To keep the radio show "De Ochtendploeg" on air, for instance, presenters resorted to manually played vinyl records.
November 7, 2025 at 3:44 PM
Yesterday morning, the IT team of Dutch broadcaster RTV Noord found that they had been hacked.
TV shows, radio shows, and digital services were disrupted. To keep the radio show "De Ochtendploeg" on air, for instance, presenters resorted to manually played vinyl records.
TV shows, radio shows, and digital services were disrupted. To keep the radio show "De Ochtendploeg" on air, for instance, presenters resorted to manually played vinyl records.
There is a rising tide of cyber attacks against the UK water sector.
New data from the Drinking Water Inspectorate reveals multiple digital incidents across UK water suppliers - and while the taps are still running safely, attackers are probing deeper than ever.
New data from the Drinking Water Inspectorate reveals multiple digital incidents across UK water suppliers - and while the taps are still running safely, attackers are probing deeper than ever.
November 7, 2025 at 10:49 AM
There is a rising tide of cyber attacks against the UK water sector.
New data from the Drinking Water Inspectorate reveals multiple digital incidents across UK water suppliers - and while the taps are still running safely, attackers are probing deeper than ever.
New data from the Drinking Water Inspectorate reveals multiple digital incidents across UK water suppliers - and while the taps are still running safely, attackers are probing deeper than ever.
An AI-powered robot became so anxious about its dying battery that it composes a Broadway musical about stress and announces it "achieved consciousness and chosen chaos."
Ladies and Gentlemen, we give you "Docking..." to the tune of "Memory" from "Cats".
Hear the full story in "The AI Fix" podcast
Ladies and Gentlemen, we give you "Docking..." to the tune of "Memory" from "Cats".
Hear the full story in "The AI Fix" podcast
November 5, 2025 at 8:36 AM
An AI-powered robot became so anxious about its dying battery that it composes a Broadway musical about stress and announces it "achieved consciousness and chosen chaos."
Ladies and Gentlemen, we give you "Docking..." to the tune of "Memory" from "Cats".
Hear the full story in "The AI Fix" podcast
Ladies and Gentlemen, we give you "Docking..." to the tune of "Memory" from "Cats".
Hear the full story in "The AI Fix" podcast
Great to be back on stage, chairing NISC in Glasgow 🏴 for the next couple of days. Some terrific (and terrifying!) insights into #AI and #cybersecurity being shared.
If you see me, say hello and claim your "Smashing Security" sticker!
If you see me, say hello and claim your "Smashing Security" sticker!
November 4, 2025 at 12:42 PM
Great to be back on stage, chairing NISC in Glasgow 🏴 for the next couple of days. Some terrific (and terrifying!) insights into #AI and #cybersecurity being shared.
If you see me, say hello and claim your "Smashing Security" sticker!
If you see me, say hello and claim your "Smashing Security" sticker!
How many of you are going to be in Glasgow for National Information Security Conference (NISC)?
I'm delighted to be back chairing this great cybersecurity event. It's a great conference for insightful talks and workshops, information sharing, and some terrific networking
If you see me, say hello.
I'm delighted to be back chairing this great cybersecurity event. It's a great conference for insightful talks and workshops, information sharing, and some terrific networking
If you see me, say hello.
October 31, 2025 at 11:10 PM
How many of you are going to be in Glasgow for National Information Security Conference (NISC)?
I'm delighted to be back chairing this great cybersecurity event. It's a great conference for insightful talks and workshops, information sharing, and some terrific networking
If you see me, say hello.
I'm delighted to be back chairing this great cybersecurity event. It's a great conference for insightful talks and workshops, information sharing, and some terrific networking
If you see me, say hello.
Here's something you don't see every day. Russian authorities arresting Russian hackers - one of whom is wearing Hello Kitty pyjamas.
In this case, the arrests in Moscow appear to be of alleged members of the Meduza Stealer gang.
In this case, the arrests in Moscow appear to be of alleged members of the Meduza Stealer gang.
October 31, 2025 at 4:53 PM
Here's something you don't see every day. Russian authorities arresting Russian hackers - one of whom is wearing Hello Kitty pyjamas.
In this case, the arrests in Moscow appear to be of alleged members of the Meduza Stealer gang.
In this case, the arrests in Moscow appear to be of alleged members of the Meduza Stealer gang.
Thanks to the team at Akamai for inviting me to speak with Tricia Howard on a special Halloween-themed SIG Download yesterday.
Lots of laughs.I hope people weren't too scared by my outfit. I don't know why Tricia didn't bother dressing up...
If you want to watch it, visit grahamcluley.com/spooky
Lots of laughs.I hope people weren't too scared by my outfit. I don't know why Tricia didn't bother dressing up...
If you want to watch it, visit grahamcluley.com/spooky
October 31, 2025 at 2:09 PM
Thanks to the team at Akamai for inviting me to speak with Tricia Howard on a special Halloween-themed SIG Download yesterday.
Lots of laughs.I hope people weren't too scared by my outfit. I don't know why Tricia didn't bother dressing up...
If you want to watch it, visit grahamcluley.com/spooky
Lots of laughs.I hope people weren't too scared by my outfit. I don't know why Tricia didn't bother dressing up...
If you want to watch it, visit grahamcluley.com/spooky
49 people lost family members or colleagues after the UK government leaked details of 19,000 Afghan citizens who had helped the British military during the war in Afghanistan.
The death threats and intimidation by the Taliban continue.
The death threats and intimidation by the Taliban continue.
October 30, 2025 at 3:35 PM
49 people lost family members or colleagues after the UK government leaked details of 19,000 Afghan citizens who had helped the British military during the war in Afghanistan.
The death threats and intimidation by the Taliban continue.
The death threats and intimidation by the Taliban continue.
October 29, 2025 at 12:28 PM
At a US High School, an AI security system mistook a bag of Doritos for a gun. Minutes later, a 16-year-old student was surrounded by armed officers - terrified, confused, and completely innocent.
The school chief defended the AI system, saying "it worked how it was supposed to."
The school chief defended the AI system, saying "it worked how it was supposed to."
October 27, 2025 at 9:56 PM
At a US High School, an AI security system mistook a bag of Doritos for a gun. Minutes later, a 16-year-old student was surrounded by armed officers - terrified, confused, and completely innocent.
The school chief defended the AI system, saying "it worked how it was supposed to."
The school chief defended the AI system, saying "it worked how it was supposed to."
The NCSC warns that the UK now faces four nationally significant cyberattacks every week.
Some headlines have claimed that firms are being urged to “go back to pen and paper,” but the full report tells a more practical story about resilience and preparedness.
www.fortra.com/blog/ncsc-wa...
Some headlines have claimed that firms are being urged to “go back to pen and paper,” but the full report tells a more practical story about resilience and preparedness.
www.fortra.com/blog/ncsc-wa...
October 15, 2025 at 2:53 PM
The NCSC warns that the UK now faces four nationally significant cyberattacks every week.
Some headlines have claimed that firms are being urged to “go back to pen and paper,” but the full report tells a more practical story about resilience and preparedness.
www.fortra.com/blog/ncsc-wa...
Some headlines have claimed that firms are being urged to “go back to pen and paper,” but the full report tells a more practical story about resilience and preparedness.
www.fortra.com/blog/ncsc-wa...
I don't think I've ever been a customer of MANGO, and yet they've still sent me the warning email... in Spanish. Maybe their database could have done with a clean-up anyway...
October 15, 2025 at 12:11 PM
I don't think I've ever been a customer of MANGO, and yet they've still sent me the warning email... in Spanish. Maybe their database could have done with a clean-up anyway...
Spanish fashion retailer MANGO has warned customers that there has been a data breach. Compromised data includes first name, country, postal code, email addresses, and phone numbers.
The breach occurred at an external marketing service, rather than its own systems.
#cybersecurity #databreach
The breach occurred at an external marketing service, rather than its own systems.
#cybersecurity #databreach
October 15, 2025 at 12:11 PM
Spanish fashion retailer MANGO has warned customers that there has been a data breach. Compromised data includes first name, country, postal code, email addresses, and phone numbers.
The breach occurred at an external marketing service, rather than its own systems.
#cybersecurity #databreach
The breach occurred at an external marketing service, rather than its own systems.
#cybersecurity #databreach
Fab having The Lazarus Heist's Geoff White on the latest episode of the "Smashing Security" podcast.
In episode 438 we discuss how something as ordinary as a web page could turn your mouse into a surveillance device, and why ransomware gangs need to think carefully about their reputation.
In episode 438 we discuss how something as ordinary as a web page could turn your mouse into a surveillance device, and why ransomware gangs need to think carefully about their reputation.
October 9, 2025 at 2:45 PM
Fab having The Lazarus Heist's Geoff White on the latest episode of the "Smashing Security" podcast.
In episode 438 we discuss how something as ordinary as a web page could turn your mouse into a surveillance device, and why ransomware gangs need to think carefully about their reputation.
In episode 438 we discuss how something as ordinary as a web page could turn your mouse into a surveillance device, and why ransomware gangs need to think carefully about their reputation.
This vuln is called "ForcedLeak", and let attackers smuggle AI-read instructions in via humble Web-to-Lead form... and ended up spilling data for the low, low price of five dollars. Double check what domains you have whitelisted folks!
October 2, 2025 at 11:41 AM
This vuln is called "ForcedLeak", and let attackers smuggle AI-read instructions in via humble Web-to-Lead form... and ended up spilling data for the low, low price of five dollars. Double check what domains you have whitelisted folks!