Award-winning #cybersecurity keynote speaker, writer, podcaster | Host of multi-award-winning @smashingsecurity.com podcast. ❤️ #DoctorWho, #Beatles, #Chess He/him 🌐 https://grahamcluley.com 🎙️ https://www.smashingsecurity.comhttps://bsky.app/profile/grahamcluley.comhttps://bsky.app/profile/grahamcluley.com/post/3mk6xsx2zt22yGreat to have the BBC's @joetidy.bsky.social join me on this week's "Smashing Security" podcast! * How a firm that ran anonymous tip lines for 35,000 American schools, boasted it had never been breached in over 20 years, only for a hacker called Internet Yiff Machine to put them to the test...23 Apr 2026 21:36 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mk6xsx2zt22yhttps://bsky.app/profile/grahamcluley.com/post/3mjp2mnhpts2iA fake Ledger Live app sat in Apple's App Store long enough to steal $9.5 million from more than 50 victims - including a certain G. Love of G. Love & Special Sauce, who lost 5.9 Bitcoin he'd held for ten years as his retirement fund. All it took was a seed phrase... https://www.bitdefender.com/en-us/blog/hotforsecurity/singer-loses-life-savings-fake-wallet17 Apr 2026 13:44 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mjp2mnhpts2ihttps://bsky.app/profile/grahamcluley.com/post/3mjmo2vgjkk2sGreat to have @shehackspurple.bsky.social join me on the latest episode of "Smashing Security", where we talked about hackers targeting Venice's flood defence systems, Anthropic's latest exploits, and even some of our favourite TV shows.. www.smashingsecurity.com/46316 Apr 2026 14:54 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mjmo2vgjkk2shttps://bsky.app/profile/grahamcluley.com/post/3mjko5ntvdk2kDo you know what Chrome browser extensions you're running right now? 108 malicious Chrome extensions that were quietly stealing Google account data, hijacking Telegram sessions, and injecting gambling ads have just been found. They clocked up around 20,000 installs. https://www.bitdefender.com/en-us/blog/hotforsecurity/malicious-chrome-extensions-steal-google-telegram-data15 Apr 2026 19:50 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mjko5ntvdk2khttps://bsky.app/profile/grahamcluley.com/post/3mjhfby2wxc2yI'm speaking at Rapid7's 2026 Global Cybersecurity Summit, May 12-13. Come hear me chat about how modern attacks actually start, and the reality of running a SOC in 2026 - alongside @racheltobac.bsky.social, @rajsamani.bsky.social, and @brianhonan.bsky.social rapid7.brighttalk.com?utm_source=r... https://rapid7.brighttalk.com/?utm_source=referral&utm_medium=organic&utm_content=cluley&utm_campaign=global-pla-2026-global-virtual-summit-prospect-eng14 Apr 2026 12:33 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mjhfby2wxc2yhttps://bsky.app/profile/grahamcluley.com/post/3mjh3xxcw5c2fSeason 18 of Doctor Who has always had a special place in my heart...14 Apr 2026 09:47 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mjh3xxcw5c2fhttps://bsky.app/profile/grahamcluley.com/post/3mjaamgvhvc2dHey BBC, if you're looking for someone new to make Doctor Who, I think you'll find them on YouTube: https://www.youtube.com/watch?v=ARdZ6t-YAy011 Apr 2026 16:21 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mjaamgvhvc2dhttps://bsky.app/profile/grahamcluley.com/post/3mj36zuaxhc23A huge thank you to The Cyberwire's Dave Bittner for joining me on this week's Smashing Security podcast! This week we reveal what LinkedIn really knows about you (it's rather more than you might expect - and rather more than they're letting on). 1/209 Apr 2026 16:10 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mj36zuaxhc23https://bsky.app/profile/grahamcluley.com/post/3mivms765fs2fCambodia has passed a landmark law targeting scam compounds that have enslaved up to 150,000 people... forcing them to run romance scams and fake crypto schemes or be beaten and tortured. Penalties are severe. Up to LIFE IMPRISONMENT for the worst offenders. 1/2 https://www.bitdefender.com/en-us/blog/hotforsecurity/life-imprisonment-cambodian-scam-operators07 Apr 2026 11:00 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mivms765fs2fhttps://bsky.app/profile/grahamcluley.com/post/3milggipnlk2eA Nigerian fraudster spent years posing as a woman online, romancing unsuspecting American men out of their savings - until he accidentally tried the same trick on a fellow scammer, who told him to "learn how to do a clean job." The recovered chat logs helped put him behind bars for 15 years. https://www.bitdefender.com/en-us/blog/hotforsecurity/nigerian-romance-scammer-jailed03 Apr 2026 09:39 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3milggipnlk2ehttps://bsky.app/profile/grahamcluley.com/post/3mijcu3dzy22kA huge thank you to @dannypalmer.bsky.social for joining me on this week's Smashing Security podcast! We unravel the tale of an Irish beekeeper and cannabis farmer whose $400 million fortune is locked inside a missing fishing rod. Or is it? Because one of his cryptowallets just woke up...02 Apr 2026 13:30 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mijcu3dzy22khttps://bsky.app/profile/grahamcluley.com/post/3miglcptkyk2jOne of the alleged developers behind the notorious RedLine infostealer, malware which has stolen data from victims in over 150 countries, has been extradited to the US and faces up to 30 years in prison. His alleged co-conspirator remains out of reach in Russia https://www.bitdefender.com/en-us/blog/hotforsecurity/redline-malware-developer-extradited01 Apr 2026 11:23 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3miglcptkyk2jhttps://bsky.app/profile/grahamcluley.com/post/3mie7ojopmk2uWhen hackers attacked global medtech giant Stryker, they didn't use ransomware. Iran-linked group Handala simply logged into Microsoft Intune, and issued remote wipe commands. 200,000+ devices were wiped. My chat with Rob Edmondson of CoreView about what happened https://www.youtube.com/watch?v=4Q2hCxtzG2A31 Mar 2026 12:50 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mie7ojopmk2uhttps://bsky.app/profile/grahamcluley.com/post/3midoidxors2vIt's not every day that you read that the head of America's top law enforcement agency has been hacked, but then - these aren't ordinary times. Iranian hackers have breached FBI director Kash Patel's personal Gmail account, and posted his CV and photos online. https://www.bitdefender.com/en-us/blog/hotforsecurity/iranian-hackers-breach-fbi-directors-personal-email-post-cv-and-photos-online31 Mar 2026 07:42 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3midoidxors2vhttps://bsky.app/profile/grahamcluley.com/post/3mi2as4lnlk2kWorld Leaks is an extortion gang that doesn't encrypt your data. Just steals your data and threatens to leak it. Over 130 victims, including Nike, Dell, and UBS. They even offer journalists early access to stolen data to crank up the pressure on victims. Charming. https://www.fortra.com/blog/world-leaks-data-extortion-what-you-need-know27 Mar 2026 13:43 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mi2as4lnlk2khttps://bsky.app/profile/grahamcluley.com/post/3mhxkau3kr227On this week's episode of "Smashing Security": ⊙ a disgruntled contractor steals his ex-employer's payroll database and demands $2.5 million ⊙ two mysterious individuals drive up to a nuclear submarine base and ask to look around https://open.spotify.com/episode/6Hry6ZxMfkmHyv0cfevs5F?si=3ZGtVAvQTPewiOQ4kfrOLA with guest Jenny Radcliffe!26 Mar 2026 11:54 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mhxkau3kr227https://bsky.app/profile/grahamcluley.com/post/3mhvencqyq223📅 Delighted to announce that I'll be delivering the keynote at Cybercon Staffordshire on Weds 8 April, at the Wade Conference Centre, Stoke-on-Trent. I'll be discussing how your AI workforce might actually be your biggest security risk. Free tickets: www.grahamcluley.com/cybercon25 Mar 2026 15:09 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mhvencqyq223https://bsky.app/profile/grahamcluley.com/post/3mhvddw3tm22lAI-generated songs. Bot-powered streams. $8 million stolen from real artists. A North Carolina man just pleaded guilty. Read the full story about how one man used 10,000 bots to steal $8,000,000 over on the Bitdefender blog: https://www.bitdefender.com/en-us/blog/hotforsecurity/10k-bots-steal-8-million-from-music-artists25 Mar 2026 14:46 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mhvddw3tm22lhttps://bsky.app/profile/grahamcluley.com/post/3mhq3ezr6ic2zA wanted fugitive hides in a kitchen cabinet while police search the house around him - and decides to post about his whereabouts on Snapchat. Twice. 🤦 The lesson? If you don't want people to know where you are, don't post it on social media. Seems obvious, but apparently not to everyone...23 Mar 2026 12:40 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mhq3ezr6ic2zhttps://bsky.app/profile/grahamcluley.com/post/3mhitarpvxk2p"Trump murders children!" Denver's crosswalks hacked to broadcast anti-Trump messages. Read more in my article on the Bitdefender blog: https://www.bitdefender.com/en-us/blog/hotforsecurity/denvers-crosswalks-hacked-broadcast-anti-trump-messages20 Mar 2026 15:26 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mhitarpvxk2phttps://bsky.app/profile/grahamcluley.com/post/3mhiitocazs2jA ransomware gang that claims to be a group of "investigative journalists"? Meet LeakNet - the group using fake CAPTCHA pages to trick employees into hacking themselves. Check out my article on the Fortra blog: https://www.fortra.com/blog/leaknet-ransomware-what-you-need-know20 Mar 2026 12:19 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mhiitocazs2jhttps://bsky.app/profile/grahamcluley.com/post/3mhg6sblcxs2sIf you think maximum Apple security settings make you untouchable, think again. This week we dig into a genuinely unsettling account takeover attempt against WordPress co-founder Matt Mullenweg - MFA fatigue, real Apple alerts, a convincing impersonation call, and a phishing page.19 Mar 2026 14:14 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mhg6sblcxs2shttps://bsky.app/profile/grahamcluley.com/post/3mhbrxuqlyk2dEquifax got hacked. Nearly 150 million people's data stolen. And the executives' first move was to quietly sell their shares. 🤦 This is The Facepalm Files. Check out my podcast "Smashing Security" for more stories like this. #facepalm #cybersecurity #equifax #databreach #infosec #hacking17 Mar 2026 20:14 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mhbrxuqlyk2dhttps://bsky.app/profile/grahamcluley.com/post/3mharle6rhc2kDrivers in the Russian city of Perm have been enjoying an unexpected bonus this week: free parking. Thanks hackers! https://www.bitdefender.com/en-us/blog/hotforsecurity/free-parking-russia-distributed-denial-of-service-attack-parking-system17 Mar 2026 10:34 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mharle6rhc2khttps://bsky.app/profile/grahamcluley.com/post/3mh2mudgkik27Government seizes $5M in crypto 💰 accidentally posts the password online 🤦 someone steals it ✅ thief hands themselves in 😇 coins returned ✅ another thief then steals them AGAIN 😭 If you like stories like this, check out my podcast "Smashing Security".14 Mar 2026 23:54 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mh2mudgkik27https://bsky.app/profile/grahamcluley.com/post/3mgwartqzv22fZOMFG! They’ve only found some more episodes of the ruddy Daleks’ Master Plan! It’s Christmas for all classic Doctor Who fans this Easter. :) [contains quote post or other embedded content]13 Mar 2026 06:07 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mgwartqzv22fhttps://bsky.app/profile/grahamcluley.com/post/3mguxh2zyj22e🎙️ This week in "Smashing Security": 🐦 A Wikipedia security engineer accidentally woke a dormant JavaScript worm that had been sitting silently since 2024 - and for 23 minutes, giant woodpecker images were plastered across the entire Wikimedia ecosystem. Yes, really. 1/312 Mar 2026 17:47 +0000at://did:plc:6hv6p4ioxwou7ozkvuasjpyy/app.bsky.feed.post/3mguxh2zyj22e