Smashing Security
Graham Cluley
Smashing Security isn’t your typical tech podcast. Hosted by cybersecurity veteran Graham Cluley, it serves up weekly tales of cybercrime, hacking horror stories, privacy blunders, and tech mishaps - all with sharp insight, a sense of humour, and zero tolerance for tech waffle.Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Jack Rhysider. Follow the podcast on Bluesky at @smashingsecurity.com, and subscribe for free in your favourite podcast app.New episodes released at 7pm EST every Wednesday (midnight UK).
Episodes
Mentioned books
Oct 30, 2025 • 41min
Inside the mob's million-dollar poker hack, and a Formula 1 fumble
Join Danny Palmer, a seasoned cybersecurity journalist, as he delves into two thrilling tales of deception. Discover how basketball stars allegedly teamed up with the mafia for a multi-million-dollar poker scam using hacked shufflers and covert technology. Also, learn about a security flaw that exposed the personal information of Formula 1 drivers through a vulnerability in the FIA driver portal. Plus, Graham shares a wild CAPTCHA game that transforms mundane puzzles into a hilarious challenge.
20 snips
Oct 22, 2025 • 44min
How to hack a prison, and the hidden threat of online checkouts
In this discussion, Scott Helme, a web security expert and founder of Report URI, shares a jaw-dropping tale of how an inmate manipulated prison web kiosks in Romania. He reveals how an inmate gained unauthorized access to staff credentials, allowing him to alter financial records and sentences. The conversation shifts to payment security, as Scott outlines new PCI DSS rules targeting risky JavaScript practices on payment pages, aiming to combat the infamous Magecart skimmers. Listeners also get tips on automating tasks using Keyboard Maestro and creating tutorials with Screen Studio.
12 snips
Oct 15, 2025 • 45min
A breach, a burnout, and a bit of Fleetwood Mac
Annabel Berry, a leader in cyber team performance and wellbeing, shares her insights on managing stress and burnout in cybersecurity. She highlights the alarming rise in cyber threats and how a supportive leadership culture can enhance resilience. Annabel also discusses practical strategies for promoting mental health in security teams, such as encouraging open communication and implementing micro-breaks. Plus, there's a nostalgic nod to Fleetwood Mac with the re-release of Buckingham Nicks, bridging music and cyber discussions.
20 snips
Oct 8, 2025 • 42min
When your mouse turns snitch, and hackers grow a conscience
Geoff White, an investigative journalist specializing in cybercrime for the BBC, joins to unpack the oddities of modern tech and ransomware. He reveals how seemingly harmless computer mice can eavesdrop on conversations, thanks to innovative research. The dialogue shifts to the curious moral dilemmas faced by ransomware gangs, like their unexpected backtracking after public outcry over a nursery attack. Along the way, Graham shares a life-changing baked potato hack and Geoff recommends a quirky travel book about Paraguay.
20 snips
Oct 1, 2025 • 43min
Salesforce's trusted domain of doom
Paul Ducklin, a veteran cybersecurity expert, delves into a serious flaw in Salesforce's AgentForce, revealing how attackers exploited it for data breaches. They discuss the controversial nature of breach communications, critiquing companies that imply safety too soon. Ducklin also tackles the cultural shift towards 'assume breach' in cybersecurity. The conversation takes a lighter turn with insights on ITV's phone-hacking drama starring David Tennant and a fascinating exploration of the Rosetta Stone, highlighting its historical importance and lessons for collaboration.
8 snips
Sep 24, 2025 • 39min
The €600,000 gold heist, powered by ransomware
Zoë Rose, a seasoned cybersecurity professional and consultant, dives into the world of ransomware and digital crime. She recounts the audacious €600,000 gold heist at the Paris Natural History Museum, made possible by a cyberattack that disabled alarms. Zoë also explains the Shai Hulud worm, which infiltrates over 180 npm packages, stealing sensitive data. Listeners gain valuable insights on securing developer practices and preventing supply-chain attacks, alongside the amusing downfall of smart fridges now displaying ads!
20 snips
Sep 17, 2025 • 43min
Lights! Camera! Hacktion!
Join Jenny Radcliffe, the renowned 'people hacker' and social engineering specialist, as she delves into fascinating topics. She and Graham explore how an Iranian gang tricked Israeli performers with fake casting calls, revealing the power of emotional lures in phishing. Jenny also discusses a UK report highlighting students hacking their own schools, advocating for proactive cyber education. Plus, there's a whimsical chat about local legends like the Wirral’s mysterious 'Catman'. It's a captivating mix of intrigue and lighthearted banter!
14 snips
Sep 10, 2025 • 45min
Whopper Hackers, and AI Whoppers
Lianne Potter, a cyber anthropologist and host of the Compromising Positions podcast, joins to explore fascinating cybersecurity themes. They discuss ethical hackers revealing alarming vulnerabilities in Burger King's systems, including the ability to manipulate reviews. The conversation also dives into a lawsuit involving AI trade secrets and the challenges of retaining talent in the tech industry. With humor, they address the bizarre metrics monitored in fast food and the ethics surrounding insider threats, highlighting the need for better workplace culture.
33 snips
Sep 3, 2025 • 45min
How hackers turned AI into their new henchman
This week highlights the insidious nature of LegalPwn, where hackers exploit code comments to trick AI into performing harmful actions. Research reveals AI is now aiding cybercriminals in stealing data and crafting ransom notes, amplifying the threat landscape. A humorous detour into keyboard history leads to absurd AI-generated CAPTCHAs designed to frustrate friends. The discussion emphasizes the alarming rise of ransomware, showing how AI enhances these attacks and complicates cybersecurity efforts.
10 snips
Aug 27, 2025 • 35min
Oops! I auto-filled my password into a cookie banner
Thom Langford, a security expert and host of Host Unknown, joins to discuss crucial cybersecurity topics. They reveal how certain password managers can be manipulated in clickjacking attacks, urging users to tighten their defenses. The conversation shifts to the looming threat of quantum computing, with Microsoft's commitment to quantum safety by 2033. Thom also shares laughs about tech failures, warns about shady URL tools, and reminisces on the iconic design of the iMac G4 while exploring ways to breathe new life into vintage tech.
