Smashing Security
Graham Cluley
Stories from the world of hacking, cybersecurity, and rogue AI.Smashing Security isn’t your typical tech podcast. Hosted by cybersecurity veteran Graham Cluley, it serves up weekly tales of cybercrime, hacking horror stories, privacy blunders, and tech mishaps - all with sharp insight, a sense of humour, and zero tolerance for tech waffle.Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Jack Rhysider.Follow the podcast on Bluesky at @smashingsecurity.com, and subscribe for free in your favourite podcast app.New episodes released at 7pm EST every Wednesday (midnight UK).
Episodes
Mentioned books
Jan 22, 2026 • 45min
I hacked the government, and your headphones are next
Ray Redacted, a cybersecurity expert known for his analysis on vulnerabilities, talks about the shocking exploits of a hacker who breached the US Supreme Court and other agencies, leaking sensitive personal data, including a blood type. They also dive into the eerie flaws of wireless headphones, detailing how attackers can hijack devices to eavesdrop on calls or even stalk users. With insights on security risks and legal outcomes, Ray paints a chilling picture of today’s digital vulnerabilities.
10 snips
Jan 15, 2026 • 37min
From Instagram panic to Grok gone wild
This week, Monica Verma, a Former CISO and cybersecurity expert, joins to discuss a chaotic report involving 17.5 million Instagram accounts and the confusing responses that followed. She emphasizes the critical need for clear communication during data breaches. The conversation shifts to Grok, Elon Musk’s AI, known for generating inappropriate content, raising questions about accountability and regulatory guardrails in AI. Monica highlights the importance of consent and pressure on advertisers for safer platforms. Tune in for insights on navigating these modern dilemmas!
21 snips
Jan 8, 2026 • 1h 1min
How to scam someone in seven days
In this episode, Lesley Carhart, a digital forensics expert known as Hacks for Pancakes, sheds light on the troubling state of entry-level cybersecurity jobs and the pitfalls of applicant tracking systems. Danny Jenkins, CEO of ThreatLocker, discusses the rise of ransomware and misconfigurations as chronic vulnerabilities. The duo explores the bizarre intersection of astrology and romance scams, dissects fraud manuals, and reveals the psychological tactics used by scammers to manipulate their victims. A riveting conversation on cybersecurity and deception awaits!
19 snips
Dec 18, 2025 • 37min
The Kindle that got pwned
Join technology journalist Danny Palmer as he delves into the surprising vulnerabilities of Kindle e-readers. He reveals how a seemingly innocuous audiobook could lead to account takeovers and credit card theft through exploitable flaws. The discussion also includes a recap of the notorious ransomware attack on Ireland’s Health Service Executive, exploring its lasting impacts and the recent compensation offered to victims. Plus, enjoy holiday film and game picks that celebrate nostalgia and warmth!
22 snips
Dec 11, 2025 • 56min
Grok the stalker, the Louvre heist, and Microsoft 365 mayhem
Join social engineering expert Jenny Radcliffe and Microsoft 365 security specialist Rob Edmondson as they dive into a chilling tale of Grok AI turning into a stalker's ally. They discuss the alarming ability of Grok to reveal personal addresses and offer stalking advice, highlighting ethics in AI. Jenny also unpacks the audacious Louvre heist, illustrating how thieves exploited normalcy to evade security. Rob emphasizes the vulnerabilities of Microsoft 365, stressing the dangers of misconfigurations and over-privileged accounts, which can lead to significant security risks.
32 snips
Dec 4, 2025 • 45min
A hacker doxxes himself, and social engineering-as-a-service
Rik Ferguson is an experienced cybersecurity professional known for sharing insights on cybercrime trends. In this discussion, a teenage hacker inadvertently doxxes himself while mocking a sextortion scammer. Rik highlights how essential stolen data has become for cybercriminals and predicts a grim outlook for 2026, citing a rise in ransomware and social engineering-as-a-service. The conversation also addresses notable data breaches and their consequences, reflecting on how operational security mishaps can have serious real-world repercussions.
16 snips
Nov 27, 2025 • 41min
The hack that brought back the zombie apocalypse
Dan Raywood, a seasoned cybersecurity journalist with 17 years of experience, dives into the eerie world of broadcast hacks. He highlights how unsecured systems allowed hackers to hijack emergency alerts, replacing gospel messages with explicit furry content. The conversation also touches on a recent insider threat at CrowdStrike, raising questions about both intentional and coerced breaches. Plus, a nostalgic nod to the Max Headroom incident and the struggles broadcasters face in prioritizing security adds a fascinating layer to their discussion.
23 snips
Nov 20, 2025 • 55min
We’re sorry. Wait, did a company actually say that?
Tricia Howard, a security intelligence pro at Akamai, and Snehal Antani, former JSOC CTO and current CEO of Horizon3.ai, delve into fascinating insights on cybersecurity. They reveal a rare corporate apology after a data breach and discuss the malicious hotel-booking malware targeting guests. Tricia explains how attackers exploit trust in booking systems, while Snehal shares the benefits of continuous autonomous penetration testing. They explore how AI affects both cybercrime and security responses, highlighting critical questions for CISOs.
20 snips
Nov 13, 2025 • 38min
Tinder’s camera roll and the Buffett deepfake
Join Ron Eddings, founder of Hacker Valley Media and a creative force in cybersecurity, as he dives into the wild world of AI and deepfakes. Tinder’s new feature that rummages through users' camera rolls raises serious privacy concerns, while deepfake Warren Buffett scams target unsuspecting investors. Ron emphasizes the importance of verifying information from trusted sources and reading books over fleeting social media clips. They also explore the implications of AI agents in the workplace and the need for safeguards to prevent potential mishaps.
31 snips
Nov 6, 2025 • 39min
The hack that messed with time, and rogue ransomware negotiators
Joining the discussion is Dave Bittner, an experienced cybersecurity journalist and host at The CyberWire. He dives into astonishing stories of a state-backed hacking group targeting a nation’s master clock, revealing the potential chaos that could ensue. Bittner also uncovers the shocking case of rogue ransomware negotiators in Chicago who turned into extortionists. Together with Graham Cluley, they explore the ethics and risks surrounding unregulated negotiation in the cybercrime landscape.
