Graham Cluley

Smashing Security podcast #458: How not to steal $46 million from the US government

A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn’t stirred since 2024 – and within ...
CSO Online

North Korean fake IT worker tradecraft exposed

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies into hiring North Koreans.

Shelved border-security bill to be reintroduced with changes after concerns over police powers

Original version of Bill C-2 would have granted the police and spy agency powers to demand information about services Canadians have used ...
Cyber Daily

Exclusive: DragonForce ransomware group publishes Hazeldenes employee data to darkweb

Passport scans, confidentiality agreements, and photos of processing works published by hackers following a February attack ...
The Economist

Want to hack your body with peptides? If only the science agreed

Performance-enhancing peptides are increasingly popular among fitness enthusiasts and biohackers, despite limited human ...
CoinDesk

Bonk.fun hacked: Domain hijacked, crypto drainer planted

The one thing that remains constant in the crypto market, irrespective of whether it's booming or not, is hacks. Thursday, hackers grabbed Bonk.fun's domain, the Raydium- and BONK-backed Solana token ...
Queerty

PHOTOS: Gus Kenworthy, David Archuleta, Valentina & all the fiercest fits at the 2026 Queerties Awards

Your queer favorites let us have it on the red carpet at the 2026 Queerties Awards. Presided over by hostess with the mostest ...
The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Hackers hijack WordPress sites to spread malware using fake CAPTCHA

A ClickFix attack can come in all shapes and sizes, including through compromised WordPress websites.