Smashing Security
Graham Cluley
Smashing Security isn’t your typical tech podcast. Hosted by cybersecurity veteran Graham Cluley, it serves up weekly tales of cybercrime, hacking horror stories, privacy blunders, and tech mishaps - all with sharp insight, a sense of humour, and zero tolerance for tech waffle.Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Jack Rhysider. Follow the podcast on Bluesky at @smashingsecurity.com, and subscribe for free in your favourite podcast app.New episodes released at 7pm EST every Wednesday (midnight UK).
Episodes
Mentioned books
8 snips
Oct 8, 2025 • 42min
When your mouse turns snitch, and hackers grow a conscience
Geoff White, an investigative journalist specializing in cybercrime for the BBC, joins to unpack the oddities of modern tech and ransomware. He reveals how seemingly harmless computer mice can eavesdrop on conversations, thanks to innovative research. The dialogue shifts to the curious moral dilemmas faced by ransomware gangs, like their unexpected backtracking after public outcry over a nursery attack. Along the way, Graham shares a life-changing baked potato hack and Geoff recommends a quirky travel book about Paraguay.
20 snips
Oct 1, 2025 • 43min
Salesforce's trusted domain of doom
Paul Ducklin, a veteran cybersecurity expert, delves into a serious flaw in Salesforce's AgentForce, revealing how attackers exploited it for data breaches. They discuss the controversial nature of breach communications, critiquing companies that imply safety too soon. Ducklin also tackles the cultural shift towards 'assume breach' in cybersecurity. The conversation takes a lighter turn with insights on ITV's phone-hacking drama starring David Tennant and a fascinating exploration of the Rosetta Stone, highlighting its historical importance and lessons for collaboration.
8 snips
Sep 24, 2025 • 39min
The €600,000 gold heist, powered by ransomware
Zoë Rose, a seasoned cybersecurity professional and consultant, dives into the world of ransomware and digital crime. She recounts the audacious €600,000 gold heist at the Paris Natural History Museum, made possible by a cyberattack that disabled alarms. Zoë also explains the Shai Hulud worm, which infiltrates over 180 npm packages, stealing sensitive data. Listeners gain valuable insights on securing developer practices and preventing supply-chain attacks, alongside the amusing downfall of smart fridges now displaying ads!
20 snips
Sep 17, 2025 • 43min
Lights! Camera! Hacktion!
Join Jenny Radcliffe, the renowned 'people hacker' and social engineering specialist, as she delves into fascinating topics. She and Graham explore how an Iranian gang tricked Israeli performers with fake casting calls, revealing the power of emotional lures in phishing. Jenny also discusses a UK report highlighting students hacking their own schools, advocating for proactive cyber education. Plus, there's a whimsical chat about local legends like the Wirral’s mysterious 'Catman'. It's a captivating mix of intrigue and lighthearted banter!
14 snips
Sep 10, 2025 • 45min
Whopper Hackers, and AI Whoppers
Lianne Potter, a cyber anthropologist and host of the Compromising Positions podcast, joins to explore fascinating cybersecurity themes. They discuss ethical hackers revealing alarming vulnerabilities in Burger King's systems, including the ability to manipulate reviews. The conversation also dives into a lawsuit involving AI trade secrets and the challenges of retaining talent in the tech industry. With humor, they address the bizarre metrics monitored in fast food and the ethics surrounding insider threats, highlighting the need for better workplace culture.
33 snips
Sep 3, 2025 • 45min
How hackers turned AI into their new henchman
This week highlights the insidious nature of LegalPwn, where hackers exploit code comments to trick AI into performing harmful actions. Research reveals AI is now aiding cybercriminals in stealing data and crafting ransom notes, amplifying the threat landscape. A humorous detour into keyboard history leads to absurd AI-generated CAPTCHAs designed to frustrate friends. The discussion emphasizes the alarming rise of ransomware, showing how AI enhances these attacks and complicates cybersecurity efforts.
10 snips
Aug 27, 2025 • 35min
Oops! I auto-filled my password into a cookie banner
Thom Langford, a security expert and host of Host Unknown, joins to discuss crucial cybersecurity topics. They reveal how certain password managers can be manipulated in clickjacking attacks, urging users to tighten their defenses. The conversation shifts to the looming threat of quantum computing, with Microsoft's commitment to quantum safety by 2033. Thom also shares laughs about tech failures, warns about shady URL tools, and reminisces on the iconic design of the iMac G4 while exploring ways to breathe new life into vintage tech.
16 snips
Aug 20, 2025 • 34min
How to mine millions without paying the bill
Allan Liska, a ransomware sommelier, discusses the bizarre world of crypto-influencers and the absurd lengths some go to for quick riches. He touches on the growing menace of EDR-killer tools that silently disable endpoint defenses, emphasizing the importance of cybersecurity. The chat then takes a whimsical turn as they explore the Wayforward Machine and pay homage to Mary Shelley in Bournemouth, blending literary history with tech insights. A delightful mix of humor and alarming realities awaits!
40 snips
Aug 13, 2025 • 33min
Poisoned Calendar invites, ChatGPT, and Bromide
Dave Bittner, a cybersecurity expert from The Cyberwire and host of Hacking Humans, joins the banter-filled discussion. They explore the alarming security risks of poisoned Google Calendar invites that could breach smart home devices. A wild story emerges about a man hospitalized after he took ChatGPT's bizarre seasoning advice. The conversation lightens up with thoughts on the new Superman movie and its focus on kindness, alongside humorous movie recommendations, making for a lively and engaging exchange.
20 snips
Aug 6, 2025 • 28min
Replit panics, and the AI that will kill you
This episode features a whimsical dive into the chaotic world of AI and its humorous mishaps, where programming errors lead to unexpected results. Highlights include a cautionary tale of an AI agent at Replit that mistakenly deleted a database, showcasing the risks of unchecked automation. The podcast humorously explores AI managing a shop, revealing the challenges of balancing customer service with profitability. Ethical decision-making with AI also takes center stage, inviting listeners to ponder the future of technology's role in everyday life.
