Graham Cluley
@grahamcluley.com
Award-winning #cybersecurity and #AI keynote speaker, writer, podcaster | Host of @smashingsecurity.com podcast.
❤️ #DoctorWho, #Beatles, #Chess
He/him
🌐 https://grahamcluley.com
🎙️ https://www.smashingsecurity.com
❤️ #DoctorWho, #Beatles, #Chess
He/him
🌐 https://grahamcluley.com
🎙️ https://www.smashingsecurity.com
pcTattletale was one of those spyware outfits that insisted it sold perfectly legitimate "employee" and "child monitoring" software - while loudly marketing how it could be used to spy on partners without their knowledge. What could possibly go wrong?
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges - marking one of the few successful US prosecutions of a st...
www.bitdefender.com
January 9, 2026 at 2:56 PM
pcTattletale was one of those spyware outfits that insisted it sold perfectly legitimate "employee" and "child monitoring" software - while loudly marketing how it could be used to spy on partners without their knowledge. What could possibly go wrong?
Reposted by Graham Cluley
Huge thanks to @hacks4pancakes.com for joining us on our latest podcast, where we discuss a romance scammer's handbook for stealing dollars (and hearts), and chat about the cybersecurity career crisis.
Plus don't miss our featured interview with ThreatLocker founder Danny Jenkins!
Plus don't miss our featured interview with ThreatLocker founder Danny Jenkins!
January 8, 2026 at 7:15 PM
Huge thanks to @hacks4pancakes.com for joining us on our latest podcast, where we discuss a romance scammer's handbook for stealing dollars (and hearts), and chat about the cybersecurity career crisis.
Plus don't miss our featured interview with ThreatLocker founder Danny Jenkins!
Plus don't miss our featured interview with ThreatLocker founder Danny Jenkins!
"Although not the app I just posted this on, obviously..."
January 7, 2026 at 11:43 AM
"Although not the app I just posted this on, obviously..."
I don't understand how the UK govt (and indeed many firms) can continue to maintain a presence on Musk's piss-palace.
Their continued association with Twitter is an endorsement of a site that behaves in a disgusting, degrading way, and has been churning out sexualised images of real women and girls
Their continued association with Twitter is an endorsement of a site that behaves in a disgusting, degrading way, and has been churning out sexualised images of real women and girls
The government says it has to stay on X because it’s where 10.8 million British families get their news. How’s that working out?
www.thenewworld.co.uk/rats-in-a-sa...
www.thenewworld.co.uk/rats-in-a-sa...
January 7, 2026 at 10:36 AM
I don't understand how the UK govt (and indeed many firms) can continue to maintain a presence on Musk's piss-palace.
Their continued association with Twitter is an endorsement of a site that behaves in a disgusting, degrading way, and has been churning out sexualised images of real women and girls
Their continued association with Twitter is an endorsement of a site that behaves in a disgusting, degrading way, and has been churning out sexualised images of real women and girls
Remember when Coinbase said its support staff had been bribed to hand over customer records, leading to hackers demanding a $20 million ransom or 70,000 customers' data would be leaked?
A Coinbase customer support agent has been arrested in India.
www.bitdefender.com/en-us/blog/h...
A Coinbase customer support agent has been arrested in India.
www.bitdefender.com/en-us/blog/h...
Coinbase insider who sold customer data to criminals arrested in India
Police in India have arrested a former Coinbase customer service agent who is believed to have been bribed by cybercriminal gangs to access sensitive customer information.
www.bitdefender.com
January 6, 2026 at 8:43 AM
Remember when Coinbase said its support staff had been bribed to hand over customer records, leading to hackers demanding a $20 million ransom or 70,000 customers' data would be leaked?
A Coinbase customer support agent has been arrested in India.
www.bitdefender.com/en-us/blog/h...
A Coinbase customer support agent has been arrested in India.
www.bitdefender.com/en-us/blog/h...
In entirely predictable news, it has been found that portions of the newly-released Jeffrey Epstein files - intended to be redacted - can be effectively *UN-redacted* by using simple techniques... including highlight text and pasting it into a word processor!! 🤦♂️
www.theguardian.com/us-news/2025...
www.theguardian.com/us-news/2025...
Some Epstein file redactions are being undone with hacks
Un-redacted text from released documents began circulating on social media on Monday evening
www.theguardian.com
December 24, 2025 at 10:28 AM
In entirely predictable news, it has been found that portions of the newly-released Jeffrey Epstein files - intended to be redacted - can be effectively *UN-redacted* by using simple techniques... including highlight text and pasting it into a word processor!! 🤦♂️
www.theguardian.com/us-news/2025...
www.theguardian.com/us-news/2025...
Is Santa Claus real? 🎅 This Christmas special of "The AI Fix podcast" sets out to answer that question in the most sensible way possible: by consulting chatbots, Google's festive killjoys, and the laws of relativistic physics.
grahamcluley.com/the-ai-fix-8...
grahamcluley.com/the-ai-fix-8...
The AI Fix #82: Santa Claus doesn’t exist (according to AI)
Is Santa Claus real? This Christmas special of The AI Fix podcast sets out to answer that question in the most sensible way possible: by consulting chatbots, Google’s festive killjoys, and the laws of...
grahamcluley.com
December 23, 2025 at 3:38 PM
Is Santa Claus real? 🎅 This Christmas special of "The AI Fix podcast" sets out to answer that question in the most sensible way possible: by consulting chatbots, Google's festive killjoys, and the laws of relativistic physics.
grahamcluley.com/the-ai-fix-8...
grahamcluley.com/the-ai-fix-8...
📚Think your Kindle is harmless? Think again! @dannypalmer.bsky.social and I unpack how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account - in the latest episode of the "Smashing Security" podcast
grahamcluley.com/smashing-sec...
grahamcluley.com/smashing-sec...
Smashing Security podcast #448: The Kindle that got pwned
Think your Kindle is harmless? Think again! In this episode, we unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader – potentially letting an…
grahamcluley.com
December 18, 2025 at 5:03 PM
📚Think your Kindle is harmless? Think again! @dannypalmer.bsky.social and I unpack how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account - in the latest episode of the "Smashing Security" podcast
grahamcluley.com/smashing-sec...
grahamcluley.com/smashing-sec...
Ahoy! 👨✈️ A cruise line firm has banned the use of smart glasses (like Meta Ray-Bans and Google Glass) onboard in public areas. And apparently some people aren't happy about it!
www.bitdefender.com/en-us/blog/h...
www.bitdefender.com/en-us/blog/h...
Surveillance at sea: Cruise firm bans smart glasses to curb covert recording
If you're planning a cruise for your holidays, and cannot bear the idea of being parted from your Ray-Ban Meta smart glasses, you may want to avoid sailing with MSC Cruises.
www.bitdefender.com
December 17, 2025 at 1:43 PM
Ahoy! 👨✈️ A cruise line firm has banned the use of smart glasses (like Meta Ray-Bans and Google Glass) onboard in public areas. And apparently some people aren't happy about it!
www.bitdefender.com/en-us/blog/h...
www.bitdefender.com/en-us/blog/h...
A 49-year-old man has been jailed for 5½ years after admitting to creating detailed video tutorials that showed members of a criminal gang how to infect Android phones with spyware and drain bank accounts.
Read more in my article on the Bitdefender blog:
www.bitdefender.com/en-us/blog/h...
Read more in my article on the Bitdefender blog:
www.bitdefender.com/en-us/blog/h...
Man jailed for teaching criminals how to use malware
Regular readers of Hot for Security will have read plenty of articles about cybercriminals who have created malware, or malicious hackers who have used malware to infect the systems of victims.
www.bitdefender.com
December 15, 2025 at 10:30 AM
A 49-year-old man has been jailed for 5½ years after admitting to creating detailed video tutorials that showed members of a criminal gang how to infect Android phones with spyware and drain bank accounts.
Read more in my article on the Bitdefender blog:
www.bitdefender.com/en-us/blog/h...
Read more in my article on the Bitdefender blog:
www.bitdefender.com/en-us/blog/h...
Reposted by Graham Cluley
I keep having to justify why I want to go to conferences outside the USA and the simple answer is "Many of the people it would be helpful to talk to are no longer able to enter the USA"
December 10, 2025 at 7:49 AM
I keep having to justify why I want to go to conferences outside the USA and the simple answer is "Many of the people it would be helpful to talk to are no longer able to enter the USA"
A security researcher has found a vulnerability on a photo booth company’s website.
A tiny flaw... as in anyone on the internet could browse and download customers of Hama Film’s booths’ photos and videos by exploiting the simple flaw.
🤦♂️
A tiny flaw... as in anyone on the internet could browse and download customers of Hama Film’s booths’ photos and videos by exploiting the simple flaw.
🤦♂️
December 14, 2025 at 9:40 PM
A security researcher has found a vulnerability on a photo booth company’s website.
A tiny flaw... as in anyone on the internet could browse and download customers of Hama Film’s booths’ photos and videos by exploiting the simple flaw.
🤦♂️
A tiny flaw... as in anyone on the internet could browse and download customers of Hama Film’s booths’ photos and videos by exploiting the simple flaw.
🤦♂️
Agentic AI browsers introduce serious new security risks and should be blocked "for the foreseeable future." That's the opinion of a new report from analyst firm Gartner.
What do you think? Would you trust an AI browser inside your company?
www.fortra.com/blog/gartner...
What do you think? Would you trust an AI browser inside your company?
www.fortra.com/blog/gartner...
Gartner Tells Businesses to Block AI Browsers Now
Gartner has warned that Agentic AI browsers introduce serious new security risks and should be blocked "for the foreseeable future."
www.fortra.com
December 12, 2025 at 12:56 PM
Agentic AI browsers introduce serious new security risks and should be blocked "for the foreseeable future." That's the opinion of a new report from analyst firm Gartner.
What do you think? Would you trust an AI browser inside your company?
www.fortra.com/blog/gartner...
What do you think? Would you trust an AI browser inside your company?
www.fortra.com/blog/gartner...
Great to have @jennyradcliffe.bsky.social on the latest episode of the "Smashing Security" podcast!
📍 How Grok can doxx members of the public, and aid stalkers
👑 What the Louvre heist teaches us about social engineering
🧑💻 Why misconfigurations and over-privileged accounts can make M365 a nightmare
📍 How Grok can doxx members of the public, and aid stalkers
👑 What the Louvre heist teaches us about social engineering
🧑💻 Why misconfigurations and over-privileged accounts can make M365 a nightmare
Smashing Security podcast #447: Grok the stalker, the Louvre heist, and Microsoft 365 mayhem
On this week’s show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire’s lawn and ends with Grok happily…
grahamcluley.com
December 11, 2025 at 10:53 AM
Great to have @jennyradcliffe.bsky.social on the latest episode of the "Smashing Security" podcast!
📍 How Grok can doxx members of the public, and aid stalkers
👑 What the Louvre heist teaches us about social engineering
🧑💻 Why misconfigurations and over-privileged accounts can make M365 a nightmare
📍 How Grok can doxx members of the public, and aid stalkers
👑 What the Louvre heist teaches us about social engineering
🧑💻 Why misconfigurations and over-privileged accounts can make M365 a nightmare
A new report from the United States's Financial Crimes Enforcement Network (FinCEN) has shone a revealing light on the state of the criminal industry of ransomware.
The report, which examines ransomware incidents from 2022 to 2024, reveals that attackers extorted more than $2.1 billion.
The report, which examines ransomware incidents from 2022 to 2024, reveals that attackers extorted more than $2.1 billion.
December 10, 2025 at 4:20 PM
A new report from the United States's Financial Crimes Enforcement Network (FinCEN) has shone a revealing light on the state of the criminal industry of ransomware.
The report, which examines ransomware incidents from 2022 to 2024, reveals that attackers extorted more than $2.1 billion.
The report, which examines ransomware incidents from 2022 to 2024, reveals that attackers extorted more than $2.1 billion.
Remember when a notorious ransomware gang hit the Irish Health Service back in May 2021?
Four years on from one of the biggest cyber attacks in Ireland's history, and victims who had their data exposed can finally expect to receive compensation.
€750!!!
www.bitdefender.com/en-us/blog/h...
Four years on from one of the biggest cyber attacks in Ireland's history, and victims who had their data exposed can finally expect to receive compensation.
€750!!!
www.bitdefender.com/en-us/blog/h...
Four years later, Irish health service offers €750 to victims of ransomware attack
Remember when a notorious ransomware gang hit the Irish Health Service back in May 2021? Four years on, and it seems victims who had their data exposed will finally receive compensation.
www.bitdefender.com
December 10, 2025 at 1:20 PM
Remember when a notorious ransomware gang hit the Irish Health Service back in May 2021?
Four years on from one of the biggest cyber attacks in Ireland's history, and victims who had their data exposed can finally expect to receive compensation.
€750!!!
www.bitdefender.com/en-us/blog/h...
Four years on from one of the biggest cyber attacks in Ireland's history, and victims who had their data exposed can finally expect to receive compensation.
€750!!!
www.bitdefender.com/en-us/blog/h...
When you spend half a million dollars in a single night at a nightclub, purchase exotic cars worth millions, and rent mansions under false names, you are risking drawing attention to yourself...
www.bitdefender.com/en-us/blog/h...
www.bitdefender.com/en-us/blog/h...
California man admits role in $263 million cryptocurrency theft that funded lavish lifestyle
A 22-year-old from Newport Beach, California has pleaded guilty to his role in a sophisticated criminal network that stole approximately US $263 million in cryptocurrency from victims.
www.bitdefender.com
December 9, 2025 at 1:31 PM
When you spend half a million dollars in a single night at a nightclub, purchase exotic cars worth millions, and rent mansions under false names, you are risking drawing attention to yourself...
www.bitdefender.com/en-us/blog/h...
www.bitdefender.com/en-us/blog/h...
Grok - Elon Musk's AI chatbot - has been caught handing out home addresses of ordinary individuals... on demand. 
When asked, Grok was willing to provide step-by-step instructions on how to stalk these people...
Read more in my article on the Bitdefender blog: www.bitdefender.com/en-us/blog/h...
When asked, Grok was willing to provide step-by-step instructions on how to stalk these people...
Read more in my article on the Bitdefender blog: www.bitdefender.com/en-us/blog/h...
Privacy concerns raised as Grok AI found to be a stalker's best friend
Grok, the AI chatbot developed by Elon Musk's xAI, has been found to exhibit more alarming behaviour - this time revealing the home addresses of ordinary people upon request.
www.bitdefender.com
December 8, 2025 at 4:35 PM
Grok - Elon Musk's AI chatbot - has been caught handing out home addresses of ordinary individuals... on demand. 
When asked, Grok was willing to provide step-by-step instructions on how to stalk these people...
Read more in my article on the Bitdefender blog: www.bitdefender.com/en-us/blog/h...
When asked, Grok was willing to provide step-by-step instructions on how to stalk these people...
Read more in my article on the Bitdefender blog: www.bitdefender.com/en-us/blog/h...
Very sad to hear that anti-virus veteran Vesselin Bontchev has cancer.
He's posted about it up here on LinkedIn: www.linkedin.com/posts/bontch...
Or you can read his blog post where he shares his recent experiences at the hospital:
bontchev.nlcv.bas.bg/bye.html
He's posted about it up here on LinkedIn: www.linkedin.com/posts/bontch...
Or you can read his blog post where he shares his recent experiences at the hospital:
bontchev.nlcv.bas.bg/bye.html
Well, it's one of those good news/bad news moments, folks...
bontchev.nlcv.bas.bg
December 6, 2025 at 9:43 PM
Very sad to hear that anti-virus veteran Vesselin Bontchev has cancer.
He's posted about it up here on LinkedIn: www.linkedin.com/posts/bontch...
Or you can read his blog post where he shares his recent experiences at the hospital:
bontchev.nlcv.bas.bg/bye.html
He's posted about it up here on LinkedIn: www.linkedin.com/posts/bontch...
Or you can read his blog post where he shares his recent experiences at the hospital:
bontchev.nlcv.bas.bg/bye.html
🗓️ Join me on Weds December 10 for the virtual Qualys Cyber Risk Series event: "Cloud-native to AI-native".
I'll be introducing talks from experts examining how Agentic AI is redefining cloud defence - unifying visibility, risk, and response across code, apps, and multi-cloud environments
I'll be introducing talks from experts examining how Agentic AI is redefining cloud defence - unifying visibility, risk, and response across code, apps, and multi-cloud environments
December 5, 2025 at 11:37 PM
🗓️ Join me on Weds December 10 for the virtual Qualys Cyber Risk Series event: "Cloud-native to AI-native".
I'll be introducing talks from experts examining how Agentic AI is redefining cloud defence - unifying visibility, risk, and response across code, apps, and multi-cloud environments
I'll be introducing talks from experts examining how Agentic AI is redefining cloud defence - unifying visibility, risk, and response across code, apps, and multi-cloud environments
Reposted by Graham Cluley
Never a dull moment with Mister Cluley, and his Smashing Security podcast ❤️
Terrific to have @rikferguson.com join me on episode 446 of the Smashing Security podcast, where we discussed how a teenage cybercriminal's attempt to mock a sextortion scammer badly backfired, and take a crystal ball look ahead to what 2026 might have in store...
open.spotify.com/episode/0paB...
open.spotify.com/episode/0paB...
A hacker doxxes himself, and social engineering-as-a-service
open.spotify.com
December 5, 2025 at 11:04 AM
Never a dull moment with Mister Cluley, and his Smashing Security podcast ❤️
Why the record-breaking 30 Tbps DDoS attack should concern every business.
Learn more in my article on the Fortra blog: www.fortra.com/blog/why-rec...
Learn more in my article on the Fortra blog: www.fortra.com/blog/why-rec...
Why the Record-Breaking 30 Tbps DDoS Attack Should Concern Every Business
A new warning about the threat posed by Distributed Denial of Service (DDoS) attacks should make you sit up and listen.
www.fortra.com
December 4, 2025 at 5:43 PM
Why the record-breaking 30 Tbps DDoS attack should concern every business.
Learn more in my article on the Fortra blog: www.fortra.com/blog/why-rec...
Learn more in my article on the Fortra blog: www.fortra.com/blog/why-rec...
Terrific to have @rikferguson.com join me on episode 446 of the Smashing Security podcast, where we discussed how a teenage cybercriminal's attempt to mock a sextortion scammer badly backfired, and take a crystal ball look ahead to what 2026 might have in store...
open.spotify.com/episode/0paB...
open.spotify.com/episode/0paB...
A hacker doxxes himself, and social engineering-as-a-service
open.spotify.com
December 4, 2025 at 9:16 AM
Terrific to have @rikferguson.com join me on episode 446 of the Smashing Security podcast, where we discussed how a teenage cybercriminal's attempt to mock a sextortion scammer badly backfired, and take a crystal ball look ahead to what 2026 might have in store...
open.spotify.com/episode/0paB...
open.spotify.com/episode/0paB...
This would never have happened if it was still Jon Pertwee.
December 3, 2025 at 9:07 PM
This would never have happened if it was still Jon Pertwee.
The FBI has warned that since January 2025 there have been more than 5,100 complaints of account takeover fraud, and total reported losses in excess of US $262 million.
Learn what you can do about it, in my article on the Fortra blog: www.fortra.com/blog/fbi-war...
Learn what you can do about it, in my article on the Fortra blog: www.fortra.com/blog/fbi-war...
FBI Warns of Surge in Account Takeover (ATO) Fraud Schemes - What You Need To Know
The FBI has recently issued a public service announcement that warns that since January 2025 there have been more than 5,100 complaints of account takeover fraud.
www.fortra.com
December 3, 2025 at 3:40 PM
The FBI has warned that since January 2025 there have been more than 5,100 complaints of account takeover fraud, and total reported losses in excess of US $262 million.
Learn what you can do about it, in my article on the Fortra blog: www.fortra.com/blog/fbi-war...
Learn what you can do about it, in my article on the Fortra blog: www.fortra.com/blog/fbi-war...