Graham Cluely

Dutch police have announced that they have identified 126 individuals linked to the now dismantled Cracked.io cybercrime forum. Read more in my article on the Hot for Security blog.

Bert is a recently-discovered strain of ransomware that encrypts victims' files and demands a payment for the decryption key. Read more in my article on the Fortra blog.

Relying too heavily on a US tech giant for your nation’s digital infrastructure is starting to feel a bit... well, risky.

Lucky Erasmus and a company insider installed software without authorisation on Ecentric's systems which granted them remote access, enabling them to steal sensitive data and make unauthorised changes to senior managers' passwords. Read more in my article on the Hot for Security blog.

Swedish Prime Minister Ulf Kristersson says his country is under attack, after days of hard-hitting DDoS attacks against SVT Sweden's public TV broadcaster, government websites, and other key organisations.

Cybercriminals are exploiting the growing interest in open source AI models by disguising malware as a legitimate installer for DeepSeek.

The spate of cyber attacks impacting the retail industry continues, with the latest victim being United Natural Foods (UNFI), which supplies organic produce to Whole Foods, Amazon, Target, and Walmart, amongst many others. Read more in my article on the Hot for Security blog.

What do a sleazy nightclub carpet, Google’s gaping privacy hole, and an international student conned by fake ICE agents have in common? This week’s episode of the "Smashing Security" podcast obviously. Graham explains how a Singaporean bug-hunter cracked Google’s defences and could brute-force your full phone number. Meanwhile, Carole dives into a chilling scam where ICE impersonators used fear, spoofed numbers, and... Apple gift cards to extort terrified migrants. Plus: Nazis, door safety, and the age-old struggle of telling Ralph Fiennes from Liam Neeson. All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

In episode 54 of The AI Fix, Graham saves humanity with a CAPTCHA, Mark wonders whether AI can suffer, ChatGPT throws shade at Abba's Björn Ulvaeus, an AI called Jack ask if you want fries with that, an artist invents AI bird poop, and Eric Schmidt says we should unplug AI when it gets direct access to weapons. Graham finds out what happens when a rag tag team of AIs is given 30 days to raise money for charity, and Mark explores model collapse and Claude Opus 4.0's weird obsession with a fictional factory-farmed chicken company. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.

If Ofcom finds 4chan at fault, it can impose fines of up to £18 million or 10% of qualifying worldwide revenue (whichever is greater). It could even require ISPs to block access to 4chan in the UK.

Over Easter, retail giant Marks & Spencer (M&S) discovered that it had suffered a highly damaging ransomware attack that left some shop shelves empty, shut down online ordering, some staff unable to clock in and out, and caused some of its major suppliers to resort to pen and paper. In a gloating abuse-filled email to M&S CEO Stuart Machin, the DragonForce hacker group claimed responsibility for the attack. Read more in my article on the Hot for Security blog.

How would you like to earn yourself millions of dollars? Well, it may just be possible - if you have information which could help expose the identities of cybercriminals involved with the notorious RedLine information-stealing malware. Read more in my article on the Tripwire State of Security blog.

MailerLite has contacted tits customers warning them about a phishing campaign that is trying to steal login details.

A bizarre case of political impersonation, where Trump’s top aide Susie Wiles is cloned (digitally, not biologically — we think), and high-ranking Republicans start getting invitations to link up with "her" on Telegram to share their Trump pardon wishlists. Was it a deepfake? Or just someone with a halfway decent impression and access to a shady data broker? Meanwhile, we take a worryingly familiar journey into the mental health crisis in the UK — and how TikTok is stepping in with advice like “eat an orange in the shower” to cure your anxiety. Spoiler: it won’t. But it might make your bathroom smell nice. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

In episode 53 of The AI Fix, our hosts suspect the CEO of Duolingo has been kidnapped by an AI, Sergey Brin says AIs work better if you threaten them with physical violence, Graham wonders how you put a collar on a headless robot dog, Mark asks why kickboxing robots wear head guards, and the CEO of Anthropic says AI could wipe out entry-level jobs. Graham asks your favourite AI how it feels about being kidnapped, and Mark explains how an AI tried to save itself by blackmailing the engineer responsible for turning it off. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.

The UK’s Ministry of Defence has revealed that it was the target of a sophisticated cyber attack that saw Russia-linked hackers pose as journalists. Read more in my article on the Hot for Security blog.

"We don’t just want payment; we want accountability." The malicious hackers behind the Interlock ransomware try to justify their attacks. Learn more about what you need to know about Interlock in my article on the Tripwire State of Security blog.

Why is a cute Star Wars fan website now redirecting to the CIA? How come Cambodia has become the world's hotspot for scam call centres? And can a WhatsApp image really drain your bank account with a single download, or is it just a load of hacker hokum? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Allan Liska.

Lovers of Adidas clothes would be wise to be on their guard against phishing attacks, after the German sportswear giant revealed that a cyber attack had exposed the personal information of customers. Read more in my article on the Hot for Security blog.

In episode 52 of The AI Fix, our hosts watch a non-existent musical about garlic bread, Graham shares a summer reading list of books that don't exist, Mark feels nauseous after watching a video of Sam Altman and Jony Ive waffling about products that don't exist, some non-existent robots stack empty crates in a factory that doesn't exist, and OpenAI releases Codex, an AI agent destined to make your software engineering job not exist. Graham reveals how an AI called "Thy" has ruined his childhood dream of becoming a late night radio DJ, and Mark looks at an experiment that showed groups of AI agents spontaneously create social norms—the building blocks of a society. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.