AI bots are having existential crises, inventing religions, and allegedly plotting against humanity… or so the internet would have you believe. We dig into Moltbook, the “AI-only” social network that sent Twitter into a meltdown, attracted breathless talk of the singularity, and turned out to be far less Terminator and far more humans role-playing as…
Category: Security threats
Global Security News, Russia, Security threats
Hacking attack leaves Russian car owners locked out of their vehicles
Imagine the scene. It’s a cold Monday morning in Moscow. You walk out to your car, coffee in hand, ready to face the day. You press the button to unlock your car, and … nothing happens. You try again. Still nothing. The alarm starts blaring. You can’t turn it off. Read more in my article…
AI, Artificial Intelligence, Global Security News, Guest blog, Security threats
WEF: AI overtakes ransomware as fastest-growing cyber risk
We can no longer say that artificial intelligence is a “future risk”, lurking somewhere on a speculative threat horizon. The truth is that it is a fast-growing cybersecurity risk that organizations are facing today. That’s not just my opinion, that’s also the message that comes loud and clear from the World Economic Forum’s newly-published “Global…
AI, Data loss, Global Security News, Guest blog, phishing, Security threats
Gartner tells businesses to block AI browsers now
Analyst firm Gartner has issued a blunt warning to organizations: Agentic AI browsers introduce serious new security risks and should be blocked “for the foreseeable future.” Read more in my article on the Fortra blog.
Data loss, Global Security News, malware, Podcast, privacy, Security threats
Smashing Security podcast #446: A hacker doxxes himself, and social engineering-as-a-service
A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer… and accidentally hands over the keys to his real-world identity. Meanwhile, we look into the crystal ball for 2026 and consider how stolen data is now the jet fuel of cybercrime – and how next year could be even nastier than 2025. Plus,…
AI, Artificial Intelligence, Data loss, Global Security News, Guest blog, Security threats
Shadow AI security breaches will hit 40% of all companies by 2030, warns Gartner
Shadow AI – the use of artificial intelligence tools by employees without a company’s approval and oversight – is becoming a significant cybersecurity risk. Read more in my article on the Fortra blog.
AI, Asia Pacific, Global Security News, Google, Podcast, Security threats, vulnerability
The AI Fix #78: The big AI bubble, and robot Grandma in the cloud
In episode 78 of The AI Fix, alien robot spiders invade Antarctica (or Facebook says they do), Mark prepares humanity for AI-powered fighter jets with loyalty issues, and Graham tries to work out why his AI-generated country music career hasn’t yet paid for even a Tesco Meal Deal. Anthropic claims it has caught the first…
Global Security News, Guest blog, Law & order, Ransomware, Security threats
UK’s new cybersecurity bill takes aim at ransomware gangs and state-backed hackers
After years of delays, the UK government has finally introduced landmark cybersecurity legislation that could reshape how British organisations defend against digital attacks. Read more in my article on the Fortra blog.
Global Security News, Guest blog, Security threats, water supply
The rising tide of cyber attacks against the UK water sector
Critical infrastructure is once again in the spotlight, as it is revealed that several UK water suppliers have reported cybersecurity incidents over the last two years. Read more in my article on the Fortra blog.
AI, Artificial Intelligence, ChatGPT, Global Security News, Podcast, Security threats
The AI Fix #75: Claude’s existential battery crisis, and why ChatGPT is a terrible therapist
In episode 75 of The AI Fix, a Claude-powered robot gets so anxious about its dying battery that it composes a Broadway musical about stress and announces it’s “achieved consciousness and chosen chaos.” Also: an 18-month psychological study reveals five reasons why ChatGPT is a dangerously bad therapist, Elon Musk’s million-robot army, a politician loses…
Data loss, Global Security News, Guest blog, Law & order, Podcast, Security threats
Smashing Security podcast #440: How to hack a prison, and the hidden threat of online checkouts
A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral, and how new PCI DSS rules are finally muzzling Magecart-style skimmers. Plus: Graham reveals his new-found superpower with Keyboard Maestro,…
critical infrastructure, Global Security News, ICS, mental health, Podcast, Security threats
Smashing Security podcast #439: A breach, a burnout, and a bit of Fleetwood Mac
A critical infrastructure hack hits the headlines – involving default passwords, boasts on Telegram, and a finale that will make a few cyber-crooks wish the ground would swallow them whole. Meanwhile we dig into the bit we don’t talk about enough: the human cost of defending companies from hackers – stress, burnout, and how better…
Global Security News, Guest blog, Incident Response, Law & order, Ransomware, Security threats
NCSC warns companies to prepare for a day when your screens go dark
The UK’s National Cyber Security Centre warns that the country now faces four nationally significant cyberattacks every week – a 129% jump in a year. Some headlines claim the NCSC is urging organisations to “go back to pen and paper,” but the full report tells a more practical story about resilience, preparedness, and surviving a…
AI, Artificial Intelligence, Global Security News, Podcast, Security threats, vulnerability
The AI Fix #71: Hacked robots and power-hungry AI
In episode 71 of The AI Fix, a giant robot spider goes backpacking for a year before starting its job in lunar construction, DoorDash builds a delivery Minion, and a TikToker punishes an AI by making it talk to condiments. GPT-5 crushes the humans at the ICPC World Finals, Claude Sonnet 4.5 codes for 30…
Global Security News, Guest blog, hacking, Law & order, Security threats
From mischief to malware: ICO warns schools about student hackers
Recent research released by the ICO say that school pupils should be considered as an “insider threat” by schools. Read more in my article on the Fortra blog.
critical infrastructure, Data loss, Global Security News, Guest blog, Law & order, Security threats
Germany charges hacker with Rosneft cyberattack in latest wake-up call for critical infrastructure
A 30‑year‑old man has been charged with launching a cyberattack on the German subsidiary of Russia’s state-owned oil giant Rosneft. The cyberattack, which happened in March 2022 in the aftermath of Russia’s invasion of Ukraine, crippled the company’s operations and cost millions of euros in damages. Read more in my article on the Exponential-e blog.
Global Security News, Law & order, police, Security Awareness, Security threats
Loaf and order: Belgian police launch bread-based cybersecurity campaign
The future of cybersecurity awareness might just be… gluten-based.
Global Security News, Law & order, Security threats, tv
Iranian State TV hacked, and that’s modern warfare
In modern warfare, it’s not just about who has the biggest bombs — it’s about who controls the story.
Global Security News, Security threats, Washington Post
Breaking news – the Washington Post has been hacked
The Washington Post says that the email accounts of some of its journalists have been hacked. The likely culprits? A foreign government (take your pick…) Why would they want to do that? Because journalists are often afforded access to valuable and sensitive information, and may be in touch with human-rights activists in oppressive regimes.
Global Security News, Guest blog, Law & order, malware, phishing, Security threats
Dutch police identify users as young as 11-year-old on Cracked.io hacking forum
Dutch police have announced that they have identified 126 individuals linked to the now dismantled Cracked.io cybercrime forum. Read more in my article on the Hot for Security blog.
CryptoCurrency, Global Security News, malware, Podcast, Security threats, Smashing Security, Zoom
Smashing Security podcast #414: Zoom.. just one click and your data goes boom!
Graham explores how the Elusive Comet cybercrime gang are using a sneaky trick of stealing your cryptocurrency via an innocent-appearing Zoom call, and Carole goes under the covers to explore the extraordinary lengths bio-hacking millionaire Bryan Johnson is attempting to extend his life. All this and more is discussed in the latest edition of the…
Elon Musk, Global Security News, Guest blog, jeff bezos, Mark Zuckerberg, road sign, Security threats
Crosswalks hacked to play fake audio of Musk, Zuck, and Jeff Bezos
“Stop, look, and listen” is the standard advice we should allow follow when crossing the road – but pedestrians in some parts are finding that they cannot believe their ears – after a hacker compromised crosswalks to play deepfake audio mocking tech bosses Elon Musk, Mark Zuckerberg, and Jeff Bezos. Read more in my article…
forum, Global Security News, Law & order, Nigeria, Password, Podcast, Scam, Security threats, Smashing Security
Smashing Security podcast #413: Hacking the hackers… with a credit card?
A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you? And over in Nigeria, even if romance scammers would like to update their LinkedIn profiles, just how easy is it to turn a new leaf after a sweet-talking career in cybercrime? All this and more is…
AI, Artificial Intelligence, ChatGPT, Global Security News, Google, Google Chrome, Grok, malware, openai, password manager, Podcast, Security threats, The AI Fix, vulnerability
The AI Fix #44: AI-generated malware, and a stunning AI breakthrough
In episode 44 of The AI Fix, ChatGPT won’t build a crystal meth lab, GPT-4o improves the show’s podcast art, some students manage to screw in a lightbulb, Google releases Gemini 2.5 Pro Experimental and nobody notices, and Mark invents a clock for measuring AI time. Graham explains how ChatGPT’s love for Young Adult fiction…
Global Security News, Guest blog, Malaysia, Ransomware, Security threats
Malaysian PM says “no way” to $10 million ransom after alleged cyber attack against Kuala Lumpur airport
According to some reports, Kuala Lumpur International Airport had to resort to using whiteboards to communicate with passengers. Read more in my article on the Hot for Security blog.
AI, Artificial Intelligence, Global Security News, Podcast, Scam, Security threats, Smashing Security
Smashing Security podcast #410: Unleash the AI bot army against the scammers – now!
A YouTuber has unleashed an innovative AI bot army to disrupt and outwit the world of online scammers, and a New York Times investigation looks into the intricate web of global money laundering. All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley…
critical infrastructure, Global Security News, Law & order, malware, Podcast, privacy, Security threats, Smashing Security, surveillance, Volt Typhoon
Smashing Security podcast #409: Peeping perverts and FBI phone calls
In episode 409 of the “Smashing Security” podcast, we uncover the curious case of the Chinese cyber-attack on Littleton’s Electric Light Company, and a California landlord’s hidden camera scandal. Find out about this, and more, in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
AI, Artificial Intelligence, Event, Global Security News, Password, phishing, Security threats
Webinar: Credential security in the age of AI: Insights for IT leaders
On Tuesday, March 18 2025, at 1pm EST, I will be joining the experts at Dashlane for an online chat all about credential security in the age of AI. Learn more and make sure to book your free seat.
CISA, Global Security News, Guest blog, Law & order, malware, Russia, Security threats, united states
CISA refutes claims it has been ordered to stop monitoring Russian cyber threats
It’s been a confusing few days in the world of American cybersecurity… Read more in my article on the Hot for Security blog.
CISA, Donald Trump, Global Security News, Guest blog, Law & order, malware, Ransomware, Russia, Security threats, Ukraine, united states
Stop targeting Russian hackers, Trump administration orders US Cyber Command
The Trump administration has told US cyber command and CISA to stop following or reporting on Russian cyber threats. Yes, Russia! That country everyone used to agree was home to lots of ransomware gangs and hackers. Hmmm… Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, malware, Security threats, Ukraine
Warning issued as hackers offer firms fake cybersecurity audits to break into their systems
Companies are being warned that malicious hackers are using a novel technique to break into businesses – by pretending to offer audits of the company’s cybersecurity. Read more in my article on the Tripwire State of Security blog.
critical infrastructure, Global Security News, Guest blog, Security threats, vulnerability
US Coast Guard told to improve its cybersecurity, after warning raised that hacked ports could cost $2 billion per day
The US Coast Guard has been urged to improve the cybersecurity infrastructure of the Maritime Transportation System (MTS), which includes ports, waterways, and vessels essential for transporting over $5.4 trillion worth of goods annually. Read more in my article on the Tripwire State of Security blog.
data breach, Data loss, Global Security News, Guest blog, Laptop, Law & order, North Korea, remote working, Security threats
US woman faces years in federal prison for running laptop farm for N Korean IT workers
Christian Marie Chapman, of Litchfield Park, Arizona, helped generate over US $17 million for North Korea after over 300 US companies unwittingly hired staff believing them to be US citizens. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, Law & order, Security threats
Ex-worker arrested after ‘shutdown’ of British Museum computer systems
London’s world-famous British Museum was forced to partially close its doors at the end of last week, following a serious security breach involving a former IT contractor. Police were called to the museum on Friday after a recently dismissed worker allegedly trespassed onto the museum site and was able to shut down various systems, including…
Georgia, Global Security News, Guest blog, hacking, Law & order, Security threats
Hacked buses blare out patriotic pro-European anthems in Tbilisi, attack government
Residents of Tbilisi, the capital city of Georgia, experienced an unexpected and unusual start to their Friday morning commute. As they boarded their public transport buses, they were greeted by a barrage of sound emanating from the vehicles’ speakers. Read more in my article on the Hot for Security blog.
Global Security News, Government, Italy, Law & order, Podcast, Scam, school, Security threats, Smashing Security
Smashing Security podcast #401: Hacks on the high seas, and how your home can be stolen under your nose
An Italian hacker makes the grade and ends up in choppy waters, and hear true stories of title deed transfer scams. All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault. Plus – don’t miss our featured interview with Avery…
AI, Artificial Intelligence, Event, Global Security News, Security threats
Fireside chat with Graham Cluley about risks of AI adoption in 2025
Join me, and the experts from Rubrik, on Weds January 15 2025, where we’ll be having a fireside chat with Dark Reading all about the known and unknown risks of adopting AI.