Graham Cluley

A poisoned Google Calendar invite that can hijack your smart home, a man is hospitalised after ChatGPT told him to season his food with… pesticide, and some thoughts on Superman’s latest cinematic outing. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley, joined this week by special guest Dave Bittner from The Cyberwire.

MedusaLocker, the ransomware-as-a-service group that has been active since 2019 is openly recruiting for penetration testers to help it compromise more businesses. Read more in my article on the Fortra blog.

In episode 63 of The AI Fix, Unitree Robotics looks to Black Mirror episode “Metalhead” for tips on marketing its new robot dog, ChatGPT is secretly running Sweden, OpenAI introduces its first open weight model since GPT-2, and your private and personal ChatGPT conversations could be all over Google. Plus, Mark cuts through the GPT-5 hype and asks – is it AGI or just a fancy purple background, and Graham looks at “deadbots” and a disturbing interview between Jim Acosta and an AI version of a teenager killed in a school shooting. All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

The United States Department of Justice has revealed that the recent takedown of the BlackSuit ransomware gang’s servers, domains, and dark web extortion site, also saw the seizure of US $1,091,453 worth of cryptocurrency. Read more in my article on the Hot for Security blog.

TeaOnHer hasn’t stopped at copying the functionality of the original Tea app (albeit skewed towards men rating women). It also appears to have carelessly mimicked the Tea dating advice app’s recklessness when it comes to data security. Read more in my article on the Hot for Security blog.

Collapsed company’s founder says that its fortunes were hampered by the refusal of authorities to release the criminals’ seized funds to victims. Read more in my article on the Fortra blog.

Ukraine’s Defence Intelligence agency (HUR) claims that its hackers have successfully stolen secret files and classified data on a state-of-the-art Russian nuclear submarine, the “Knyaz Pozharsky.” Read more in my article on the Hot for Security blog.

A hospital in Thailand has been fined after patient’s printed records were recycled as snack bags to hold crispy crepes.

In episode 62 of The AI Fix, your hosts learn how AI models smash through CAPTCHA roadblocks like they’re made of wet tissue paper – so much for humanity’s last line of defence. Meanwhile, we meet a bottle-flipping robot and call BS on a cartwheeling cyborg, Graham has a full-blown breakdown over traffic light puzzles, and Anthropic hires an AI psychiatry team to figure out why its bots are unhinged. Also: Microsoft helpfully tells us which jobs are toast, Vogue replaces models with AI-generated glam-bots, and a tiny homebrew neural net humiliates the big boys at Sudoku. Plus, Mark explores GEPA — the AI prompt optimiser that politely mutates your questions until they’re 35 times more effective than reinforcement learning. All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

The viral women-only dating safety app Tea, built to flag red flags, gets flagged itself – after leaking over 70,000 private images and chat logs. We are talking full-on selfies, ID docs, private DMs, and a dash of 4chan creepiness. Yikes. Plus, Carole takes us down memory lane as she hangs up her co-host mic after 428 glorious episodes. Expect tea, tears, and Tom Lehrer. All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.

In episode 61 of The AI Fix, a robot called DeREK goes bananas, OpenAI, Google DeepMind, and Anthropic warn we may lose the ability to see what AI is thinking, a dextrous robot changes its own batteries, the USA unveils its AI action plan, and a human beats AI to win the World Coding Championship. Also in this week’s episode, Graham reveals why you should never ask a vibe coding app to “clean up” your project, and Mark explains why it was handbags at dawn at the International Mathematical Olympiad. All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

Over 40,000 websites running a vulnerable version of a popular WordPress plugin could be at risk of being hijacked by hackers. Read more in my article on the Hot for Security blog.

European defence giant Naval Group has confirmed that it is investigating an alleged cyber attack which has seen what purports to be sensitive internal data published on the internet by hackers. Read more in my article on the Hot for Security blog.

The US insurance giant has admitted that hackers stole personal info of the “majority” of its customers and staff earlier this month.

A woman’s dating app designed to enhance safety and vet potential dating partners has itself suffered a serious security breach.

There is good news for any organisation which has been hit by the Phobos ransomware. Japanese police have released a free decryptor capable of recovering files encrypted by both the notorious Phobos ransomware, and its offshoot 8Base. Read more in my article on the Fortra blog.

Graham warns why it is high time we said goodbye to 2G – the outdated mobile network being exploited by cybercriminals with suitcase-sized SMS blasters. From New Zealand to London, scammers are driving around cities like dodgy Uber drivers, spewing phishing texts to thousands at once. Meanwhile, Carole unpacks a painfully awkward tale of amour fou, as a 76-year-old Belgian man drives 476 miles to meet his dream woman… only to be greeted by her very-much-still-husband at the gate. Plus: Sky Arts painting competitions get a thumbs up, Mark Zuckerberg never loses at board games, and the scandalous Facebook memoir Meta tried to silence. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Ransomware, considered by British authorities to be the UK’s greatest cybercrime threat, costing the nation billions of pounds and with the capbility to bring essential services to a standstill, is in the gunsights of government. Read more in my article on the Hot for Security blog.

In episode 60 of The AI Fix, we learn why Grok might be Elon Musk’s bid for digital immortality, how Meta is building a Manhattan-sized data centre called Prometheus, how AI is helping create carbon-sucking concrete, and are bewildered that 2000 people “work” at the Candy Crush company. Plus Graham takes a look at Elon’s latest creations: a giggling anime girlfriend desperate for your attention, and a cute cartoon red panda who wants to bomb a synagogue and moon the rabbi. Meanwhile Mark learns which AI is most likely to blackmail, lie, and – when the mood takes it – commit murder to avoid being switched off. All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group considers anti-Russian. Read more in my article on the Hot for Security blog.