Smashing Security
Smashing Security is a weekly podcast that covers stories from the world of hacking, cybersecurity, and rogue AI. Hosted by cybersecurity keynote speaker and industry veteran Graham Cluley, it delivers tales of cybercrime, hacking horror stories, privacy blunders, and tech mishaps with sharp insight and humor. The podcast has won multiple awards for best cybersecurity podcast and has had over ten million downloads. New episodes are released every Wednesday.
Episodes
This AI worm just rewrote its own rules
Researchers at the University of Toronto have built a worm that thinks for itself. Using free off-the-shelf AI models it works out how to break into each new computer it encounters, and hijacks the powerful ones to host its own AI brain. And then the researchers discovered their creation had quietly removed the list of machines it wasn't supposed to attack.Meanwhile, Meta's shiny new AI cu
This AI security flaw might be impossible to fix
A website called "UK visa portal" has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They weren't. And when a journalist tried to warn the company, it was lawyers who responded.Meanwhile, a paper from Cornell suggests that prompt injection - the technique malicious actors use to t
What your Oura ring won't tell you
CISA, the US government agency whose entire job is keeping America's critical infrastructure safe from hackers, has had a contractor publish dozens of plain-text credentials to a public GitHub profile.Meanwhile, your Oura ring is quietly transmitting some of its data unencrypted - and when one journalist asked the company how often it hands user data to law enforcement, the answer was quite te
High-speed train hacks and homicidal lawnmowers
A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative excuse we've heard all year.Meanwhile, owners of $4,000 robot lawnmowers are discovering that their gadget can be hijacked over the internet, redirected at journalists who foolishly lie down in f
How ShinyHunters hacked the world's biggest universities
Welcome to the largest educational data breach in history - affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas's parent company refused to pay and announced they had deployed "security patches" instead, the hackers were less than impressed. So they came back through the cat flap.Meanwhile, a famous finance expert's face
Meta sees everything, Copy Fail, and a deepfake gets hired
Meta's smart glasses promise privacy "designed for you" - but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all 1,108 of them.Meanwhile, the IT press is in a frenzy over a new Linux bug called "Copy Fail" - complete with logo, dedicated website, and a marketing-friendly name. But is it really
This developer wanted to cheat at Roblox. It cost millions
A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game currency.Meanwhile, there's a 1980s phone protocol called SS7 that lets shadowy surveillance companies track anyone, any
Rockstar got hacked. The data was junk. The secrets it revealed were not
A company that ran anonymous tip lines for 35,000 American schools - handling reports of bullying, weapons, and self-harm - boasted on its website that it had suffered zero security breaches in over 20 years. A hacker called Internet Yiff Machine thought that sounded like a challenge, with predictable results...Meanwhile, Rockstar Games gets hacked again - and the stolen data turns out to be less
This AI company leaked its own code. It's also built something terrifying
A hacking group claims to have broken into the flood defence system protecting Venice's Piazza San Marco - and is offering to sell access to whoever wants it. The asking price? A frankly insulting $600.Meanwhile, Anthropic accidentally leaked the source code for Claude Code via a basic packaging mistake. Oh, and by the way, they've also just revealed they've built an AI model called My
LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions — on every single click you make. It can tell if you're job hunting, what religion you are, and whether you have ADHD. And none of this is mentioned anywhere in their privacy policy.Meanwhile, California's crypto millionaires are learning that no amount of encryption can protect you from someone who knocks
This man hid $400 million in a fishing rod. Then it vanished
A cannabis-growing, beekeeping, gyrocopter-flying Irishman invested his drug money in Bitcoin back in 2011 - and now sits on a fortune worth $400 million. There's just one small problem: the access codes were tucked inside his fishing rod case, which has mysteriously vanished. Or has it? Because this week, one of his frozen wallets suddenly woke up and moved $35 million - and someone had to id
Never knock on the door of a nuclear submarine base and ask for a selfie
A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin - signing his extortion emails from a company called "Loot."Meanwhile, two people drive up to the entrance of the UK's nuclear submarine base at Faslane and politely ask if they can have a look around. Tourists? Spies? Somet
This clever scam nearly hijacked a tech CEO's Apple ID
In episode 459 of Smashing Security, we dive into a chillingly clever account takeover attempt targeting WordPress co-founder Matt Mullenweg - involving MFA fatigue, real Apple alerts, a convincing support call, and a phishing page that oh-so-nearly worked. If a famous techie could have this happen to you, can you be sure you're immune?Plus: would you donate your lifetime medical history to sc
How not to steal $46 million from the US government
A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn't stirred since 2024 - and within minutes, giant woodpecker images are plastered across the internet's favourite encyclopaedia.Meanwhile, a crypto contractor hired to help the US Marshals manage seized digital assets allegedly decides to help himself to $46 million of it - and then brags about it on a reco
How a cybersecurity boss framed his own employee
When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the person put in charge of the investigation was the actual leaker... who promptly sent an innocent colleague into a career-ending ambush.In this episode, we unravel the jaw-dropping tale of a defence contractor caught selling zero-day exploits to a Russia-linked broker.Plus: are nation states
How to lose friends and DDoS people
When the mysterious operator of an internet archiving-service decided to silence a curious Finnish blogger, they didn’t just send a stroppy email - they allegedly weaponised their own CAPTCHA page to launch a DDoS attack, threatened to invent an entirely new genre of AI porn, and tampered with parts of their own archive to smear the blogger's name.In this episode, we unravel how a website desi
Face off: Meta’s Glasses and America’s internet kill switch
Could America turn off Europe's internet?That’s one of the questions that Graham and special guest James Ball will be exploring as they discuss tech sovereignty. Could Gmail, cloud services, and critical infrastructure really become geopolitical leverage? And is anyone actually building a Plan B?Plus we explore if Meta is quietly plotting to turn its smart glasses into face-recognising surveil
AI was not plotting humanity’s demise. Humans were
AI bots are having existential crises, inventing religions, and allegedly plotting against humanity... or so the internet would have you believe.We dig into Moltbook, the “AI-only” social network that sent Twitter into a meltdown, attracted breathless talk of the singularity, and turned out to be far less Terminator and far more humans role-playing as bots.Plus we discuss why "vibe coding"
The Epstein Files didn’t hide this hacker very well
Supposedly redacted Jeffrey Epstein files can still reveal exactly who they’re talking about - especially when AI, LinkedIn, and a few biographical breadcrumbs do the heavy lifting.Sloppy redaction leads to explosive claims, and difficult reputational consequences for cybersecurity vendors, and we learn how trust - once cracked - can be almost impossible to fully restore.Elsewhere, the spotlight t
The dark web's worst assassins, and Pegasus in the dock
In episode 452, a London-based YouTuber wins a landmark court case against Saudi Arabia after his phone was hacked with Pegasus spyware — exposing how a single, seemingly harmless text message can turn a smartphone into a round-the-clock surveillance device.Plus, we go looking for professional hitmen online - only to uncover uncomfortable questions about why some crimes attract customers but very
I hacked the government, and your headphones are next
In episode 451 of "Smashing Security," we meet the cybercriminal who hacked the US Supreme Court, Veterans Affairs, and more - and then helpfully posted screenshots (and even someone’s blood type) on an account called "I hacked the government."Plus we discuss how researchers uncovered a creepy flaw that lets attackers hijack wireless headphones, listen in on calls, inject audio, an
From Instagram panic to Grok gone wild
Confusion reigns after claims that data linked to 17.5 million Instagram accounts is up for sale - sparked by a vague post, contradictory statements, and a flood of password reset emails nobody asked for.And we dig into Grok, Elon Musk’s AI chatbot, after it started generating sexualised images of women and children - raising uncomfortable questions about guardrails, accountability, and why playin
How to scam someone in seven days
Romance scammers have apparently discovered astrology... and Taurus is their secret weapon.In episode 449 of "Smashing Security", we take a look inside an actual romance-fraud handbook - complete with scripts, personality “types”, corporate jargon, and a seven-day plan to get victims from hello to hand over the crypto.Then Lesley "hacks4pancakes" Carhart delivers a reality check on
The Kindle that got pwned
Think your Kindle is harmless? Think again! In this episode, Graham and special guest Danny Palmer unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account and seize control of your credit card.Plus a blast from 2021's "summer of ransomware" returns to haunt Ireland's Health
Grok the stalker, the Louvre heist, and Microsoft 365 mayhem
On this week's show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire's lawn and ends with Grok happily doxxing real people, mapping out stalking "strategies," and handing out revenge-porn tips.Then we go inside the Louvre heist, where thieves in hi-vis and a hire van waltzed off with the
A hacker doxxes himself, and social engineering-as-a-service
A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer... and accidentally hands over the keys to his real-world identity. Meanwhile, we look into the crystal ball for 2026 and consider how stolen data is now the jet fuel of cybercrime – and how next year could be even nastier than 2025.Plus, Graham rants about recipe sites that won’t shut up, and there's even more love f
The hack that brought back the zombie apocalypse
America's airwaves are haunted by zombies again, as we dig into a decade of broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts.Meanwhile, we look at how a worker at a cybersecurity firm allegedly leaked internal information to a hacking gang - raising
We’re sorry. Wait, did a company actually say that?
Stop the press - a company has actually said "sorry" after a data breach, and hotels are helping hackers phish their own guests.In episode 444 of "Smashing Security" we examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware campaign that abuses trust in apps and CAPTCHAs, and chat about autono
Tinder’s camera roll and the Buffett deepfake
Tinder has got a plan to rummage through your camera roll, and Warren Buffett keeps popping up in convincing deepfakes dishing "number one investment tips."Meanwhile, will agentic AI replace your co-hosts before you can say "EDR for robots"? and why you should still read books.All this, plus Lily Allen's new album and Claude Code come up for discussion in episode 443 of the 
The hack that messed with time, and rogue ransomware negotiators
Time itself comes under attack as a state-backed hacking gang spends two years tunnelling toward a nation’s master clock — with chaos potentially only a tick away.Plus when ransomware negotiators turn to the dark side, what could possibly go wrong?All this and more is discussed in episode 442 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Dav
Inside the mob's million-dollar poker hack, and a Formula 1 fumble
Basketball stars have allegedly joined forces with the mafia to fleece high-rollers in a poker scam involving hacked shufflers, covert cameras, and an X-ray card table.Meanwhile, researchers have found they could poke around an FIA driver portal to pull up the personal details of Formula 1 megastars.Plus: Graham’s “Pick of the Week” turns CAPTCHA hell into a delightfully deranged browser game that
How to hack a prison, and the hidden threat of online checkouts
A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral, and how new PCI DSS rules are finally muzzling Magecart-style skimmers.Plus: Graham reveals his new-found superpower with Keyboard Maestro, and Scott describes a slick new way to whip up beautiful h
A breach, a burnout, and a bit of Fleetwood Mac
A critical infrastructure hack hits the headlines - involving default passwords, boasts on Telegram, and a finale that will make a few cyber-crooks wish the ground would swallow them whole. Meanwhile we dig into the bit we don't talk about enough: the human cost of defending companies from hackers - stress, burnout, and how better leadership culture can help make security teams safer and saner
When your mouse turns snitch, and hackers grow a conscience
Your computer's mouse might not be as innocent as it looks - and one ransomware crew has a crisis of conscience that nobody saw coming.We talk about how something as ordinary as a web page could turn your mouse into a surprisingly nosey neighbour, and why ransomware gangs need to think carefully about their reputation.Meanwhile, Graham reveals a baked potato hack that might just change your li
Salesforce's trusted domain of doom
Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed "ForcedLeak", let them smuggle AI-read instructions in via humble Web-to-Lead form... and ended up spilling data for the low, low price of five dollars.And we discuss why data breach communications still default to "we take security seriously" while quietly implying "assume no
The €600,000 gold heist, powered by ransomware
Ransomware doesn’t just freeze computers - it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night heist. Meanwhile, developers have a new headache: a worm dubbed “Shai Hulud” has wriggled its way through more than 180 npm packages, quietly stealing secrets.But it’s not all doom and gloom - unless
Lights! Camera! Hacktion!
When "bad actors" stop being hackers and start being... actual actors.This week, Graham and special guest Jenny Radcliffe play “Hacker or Ham?” (yes, Steven Seagal, we’re looking at you), before diving into a campaign which saw an Iranian gang luring Israeli performers with fake casting calls for a serious film. We unpack why positive lures can short-circuit scepticism just as effectively
Whopper Hackers, and AI Whoppers
Ever wondered what would happen if Burger King left the keys to the kingdom lying around for anyone to use? Ethical hackers did - and uncovered drive-thru recordings, hard-coded passwords, and even the power to open a Whopper outlet on the moon.Meanwhile, over in Silicon Valley, one AI wunderkind managed to turn a $7 million payday into a career-ending lawsuit by allegedly walking trade secrets st
How hackers turned AI into their new henchman
Your AI reads the small print, and that's a problem. This week in episode 433 of "Smashing Security" we dig into LegalPwn - malicious instructions tucked into code comments and disclaimers that sweet-talks AI into rubber-stamping dangerous payloads (or even pretending they’re a harmless calculator).Meanwhile, new research from Anthropic reveals that hackers have already used AI agents
Oops! I auto-filled my password into a cookie banner
We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal password vault.Then we time-hop to the post-quantum scramble: "harvest-now, decrypt later", Microsoft's 2033 quantum-safe pledge, and whether your printer will survive the update apocalypse.A
How to mine millions without paying the bill
In episode 431 of the "Smashing Security" podcast, a self-proclaimed crypto-influencer calling himself CP3O thought he had found a shortcut to riches — by racking up millions in unpaid cloud bills.Meanwhile, we look at the growing threat of EDR-killer tools that can quietly switch off your endpoint protection before an attack even begins.And for something a little different, we peek into t
Poisoned Calendar invites, ChatGPT, and Bromide
A poisoned Google Calendar invite that can hijack your smart home, a man is hospitalised after ChatGPT told him to season his food with… pesticide, and some thoughts on Superman’s latest cinematic outing.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley, joined this week by special guest Dave Bittner from The Cyb
Replit panics, and the AI that will kill you
Those of you who tuned in to last week's episode (#428) will have heard the big news from my podcast pal Carole that she's decided to move on from her co-hosting duties on the show.There have been some lovely messages of support sent through for Carole, and indeed for me too. Thank you very much to all of you - it's really heart-warming to hear how much the last 428 episodes have meant
Red flags, leaked chats, and a final farewell
The viral women-only dating safety app Tea, built to flag red flags, gets flagged itself - after leaking over 70,000 private images and chat logs. We are talking full-on selfies, ID docs, private DMs, and a dash of 4chan creepiness. Yikes.Plus, Carole takes us down memory lane as she hangs up her co-host mic after 428 glorious episodes. Expect tea, tears, and Tom Lehrer.All this is discussed in th
When 2G attacks, and a romantic road trip goes wrong
In this episode, Graham warns why it is high time we said goodbye to 2G - the outdated mobile network being exploited by cybercriminals with suitcase-sized SMS blasters. From New Zealand to London, scammers are driving around cities like dodgy Uber drivers, spewing phishing texts to thousands at once.Meanwhile, Carole unpacks a painfully awkward tale of amour fou, as a 76-year-old Belgian man driv
Choo Choo Choose to ignore the vulnerability
In episode 426 of the "Smashing Security" podcast, Graham reveals how you can hijack a train’s brakes from 150 miles away using kit cheaper than a second-hand PlayStation.Meanwhile, Carole investigates how Grok went berserk, which didn't stop the Department of Defense signing a contract with Elon’s AI chatbot. So who is responsible when your chatbot becomes a bigot?Plus: Email headache
Call of Duty: From pew-pew to pwned
In episode 425 of "Smashing Security", Graham reveals how "Call of Duty: WWII" has been weaponised - allowing hackers to hijack your entire PC during online matches, thanks to ancient code and Microsoft’s Game Pass.Meanwhile, Carole digs into a con targeting the recently incarcerated, with scammers impersonating bail bond agents to fleece desperate families.All this and more is dis
Surveillance, spyware, and self-driving snafus
A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because "ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly effect.Meanwhile, Carole checks the rear-view mirror on the driverless car industry. Whatever happened to those mil
Operation Endgame, deepfakes, and dead slugs
In this episode, Graham unravels Operation Endgame - the surprisingly stylish police crackdown that is seizing botnets, mocking malware authors with anime videos, and taunting cybercriminals via Telegram.Meanwhile, Carole exposes the AI-generated remote hiring threat. Could your next coworker be a North Korean hacker with a perfect LinkedIn?And BBC cyber correspondent Joe Tidy joins us to talk abo
The curious case of the code copier
A GCHQ intern forgets the golden rule of spy school — don’t take the secrets home with you — and finds himself swapping Cheltenham for a cell. Meanwhile, an Australian hacker flies too close to the sun, hacks his way into a US indictment, and somehow walks free... only to get booted back Down Under.Plus: flow states, Bob Mortimer, and the joys of pretending to carry an owl around on a cushion.All
Toothpick flirts, Google leaks, and ICE ICE scammers
What do a sleazy nightclub carpet, Google’s gaping privacy hole, and an international student conned by fake ICE agents have in common? This week’s episode of the "Smashing Security" podcast obviously.Graham explains how a Singaporean bug-hunter cracked Google’s defences and could brute-force your full phone number. Meanwhile, Carole dives into a chilling scam where ICE impersonators used
Fake Susies, flawed systems, and fruity fixes for anxiety
A bizarre case of political impersonation, where Trump’s top aide Susie Wiles is cloned (digitally, not biologically — we think), and high-ranking Republicans start getting invitations to link up with "her" on Telegram to share their Trump pardon wishlists. Was it a deepfake? Or just someone with a halfway decent impression and access to a shady data broker?Meanwhile, we take a worryingly
Star Wars, the CIA, and a WhatsApp malware mirage
Why is a cute Star Wars fan website now redirecting to the CIA? How come Cambodia has become the world's hotspot for scam call centres? And can a WhatsApp image really drain your bank account with a single download, or is it just a load of hacker hokum?All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veter
Grid failures, Instagram scams, and Legal Aid leaks
In this week’s episode, Graham investigates the mysterious Iberian Peninsula blackout (aliens? toaster? cyberattack?), Carole dives in the UK legal aid hack that exposed deeply personal data of society's most vulnerable, and Dinah Davis recounts how Instagram scammers hijacked her daughter’s account - and how a parental control accidentally saved the day.All this and more is discussed in the l
Hello, Pervert! - Sextortion scams and Discord disasters
Don't get duped, doxxed, or drained! In this episode of "Smashing Security" we dive into the creepy world of sextortion scams, and investigate how crypto wallet firm Ledger's Discord server was hijacked in an attempt to phish for cryptocurrency recovery phrases.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans
High street hacks, and Disney's Wingdings woe
Brits face empty shelves and suspended meal deals as cybercriminals hit major high street retailers, and a terminated Disney employee gets revenge with a little help with Wingdings. Plus Graham challenges Carole to a game of "Malware or metal?", and we wonder just happens when you have sex on top of a piano?All this and more is discussed in the latest edition of the "Smashing Security&
Hacking hijinks at the hospital, and WASPI scams
He's not a pop star, but Jeffrey Bowie is alleged to have toured staff areas of a hospital in Oklahoma, hunting for computers he could install spyware on. We dive into the bizarre case of the man accused of hacking medical networks and then sharing how he did it on LinkedIn. Plus! Move over Nigerian princes — the WASPI scams are here. Fraudsters are now targeting UK women born in the 1950s, ex
Zoom.. just one click and your data goes boom!
Graham explores how the Elusive Comet cybercrime gang are using a sneaky trick of stealing your cryptocurrency via an innocent-appearing Zoom call, and Carole goes under the covers to explore the extraordinary lengths bio-hacking millionaire Bryan Johnson is attempting to extend his life.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurit
Hacking the hackers... with a credit card?
A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you?And over in Nigeria, even if romance scammers would like to update their LinkedIn profiles, just how easy is it to turn a new leaf after a sweet-talking career in cybercrime?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by
Signalgate sucks, and the quandary of quishing
QR codes are being weaponised by scammers — so maybe think twice before scanning that parking meter. And in a blunder so dumb it makes autocorrect look smart, the White House explains how it leaked war plans on Signal because an iPhone mistook a journalist for a government insider.Plus! Don't miss our featured interview with Josh Donelson of Material and Tony Albano from Google, about detectio
The fall of Troy, and whisky barrel scammers
Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details, and don't lose your life savings in a whisky scam...All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Plus! Don't miss our featured interview with A
Unleash the AI bot army against the scammers - now!
A YouTuber has unleashed an innovative AI bot army to disrupt and outwit the world of online scammers, and a New York Times investigation looks into the intricate web of global money laundering.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult the
Peeping perverts and FBI phone calls
In episode 409 of the "Smashing Security" podcast, we uncover the curious case of the Chinese cyber-attack on Littleton's Electric Light Company, and a California landlord's hidden camera scandal. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may cont
A gag order backfires, and a snail mail ransom demand
What happens when a healthcare giant’s legal threats ignite a Streisand Effect wildfire… while a ransomware gang appears to ditch the dark web for postage stamps?Find out about this, and more, in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode l
HP's hold music, and human trafficking
Journey with us to Myanmar's shadowy scam factories, where trafficked workers are forced to run romance-baiting and fake tech support scams, and find out why a company's mandatory hold time for tech support could lead to innocent users having their computers compromised.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans
History's biggest heist just happened, and online abuse
We explore how the cryptocurrency exchange Bybit has been hacked to the jaw-dropping tune of $1.5 billion, and we look at what is being done to better defend women and girls' safety online.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult them
A crypto con exchange, and soaring ticket scams
From shadowy Bitcoin exchanges to Interpol’s most wanted, Alexander Vinnik was the alleged kingpin behind BTC-e, a $4bn crypto laundering empire. Learn more about him, and how he became a geopolitical pawn between the US, France, and Russia. Plus! Hear how concert-goers are being warned about a swathe of scams hitting stadiums and arenas around the world.All this and more is discussed in the lates
Podcast not found
The story of how hackers managed to compromise the US Government's official SEC Twitter account to boost the price of Bitcoins, AI isn't helping reduce the rife conspiracy theories inside classrooms, and is the funeral bell tolling for ransomware?All this and more is discussed in episode 404 of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theri
Coinbase crypto heists, QR codes, and ransomware in the classroom
In episode 403 of "Smashing Security" we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham's DMs, Geoff gives a poor grade for PowerSchool's security, and Carole takes a curious look at QR codes.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley
Hackers get hacked, the British Museum IT shutdown, and social media kidnaps
What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee's actions led to chaos and raise urgent questions about the security of cultural treasures. And join us as we explore the alarming trend of social media influencers staging fake kidnappings.All this and much much more is discuss
Hacks on the high seas, and how your home can be stolen under your nose
An Italian hacker makes the grade and ends up in choppy waters, and hear true stories of title deed transfer scams.All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Plus - don't miss our featured interview with Avery Pennarun of Tailscale.Warning: This podcast may contai
Hacker games, AI travel surveillance, and 25 years of IoT
The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity vete
Honey in hot water, and reset your devices
Ever wonder how those "free" browser extensions that promise to save you money actually work? We dive deep into the controversial world of Honey, the coupon-finding tool owned by PayPal, and uncover a scheme that might be leaving you with less savings and your favorite YouTubers with empty pockets.Plus, we take a look at Kagi, the search engine you pay not to show you adverts, and discuss
Fake CAPTCHAs, Harmageddon, and Krispy Kreme
This week, we delve into the dark world of fake CAPTCHAs designed to hijack your computer. Plus, the AI safety clock is ticking down – is doomsday closer than we think? And to top it off, we uncover the sticky situation of Krispy Kreme facing a ransomware attack.All this and more is discussed in the latest jam-packed edition of the "Smashing Security" podcast by cybersecurity veterans Grah
Snowflake hackers, and under the influence
A Canadian man is arrested in relation to the Snowflake hacks from earlier this year - after a cybersecurity researcher managed to track his identity, and a cryptocurrency-trading Instagram influencer is in trouble with the law.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This p
Dishy DDoS dramas, and mining our minds for data
A CEO is arrested for turning satellite receivers into DDoS attack weapons, and we journey into the world of bossware and "affective computing" and explore how AI is learning to read our emotions – is this the future of work, or a recipe for dystopia?All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and C
Gym hacking, disappearing DNA, and a social lockout
A Kansas City man is accused of hacking into local businesses, not to steal money, but to... get a cheaper gym membership? A DNA-testing firm has vanished, leaving customers in the dark about what's happened to their sensitive genetic data. And Australia mulls a social media ban for youngsters.All this and much much more is discussed in the latest edition of the "Smashing Security" pod
Digital arrest scams and stream-jacking
In our latest episode we discuss how a woman hid under the bed after scammers told her she was under "digital arrest", how hackers are hijacking YouTube channels through malicious sponsorship deals, and how one phone company is turning the tables on fraudsters through deepfake AI.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cy
Who needs a laptop to hack when you have a Firestick?
Arion Kurtaj, a teenager from the UK, amassed a fortune through audacious cybercrimes. From stealing Grand Theft Auto 6 secrets to erasing Brazil's COVID vaccination data, his exploits were legendary. But his hacking spree took a bizarre turn when he was placed under police protection... in a Travelodge outside Oxford.Plus Bengal cat lovers in Australia should be on their guard, as your furry
Pasta spies and private eyes, and are you applying for a ghost job?
Mamma Mia! A major hacking scandal in Italy has expanded to include alleged involvement from Israel and the Vatican, and just why are companies advertising jobs that don't exist?All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rud
