

Smashing Security
Graham Cluley
Stories from the world of hacking, ransomware, cybersecurity, and rogue AI. Smashing Security isn’t your typical tech podcast. Hosted by cybersecurity veteran Graham Cluley, it serves up weekly tales of cybercrime, hacking horror stories, privacy blunders, and tech mishaps - all with sharp insight, a sense of humour, and zero tolerance for tech waffle. Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Jack Rhysider. Follow the podcast on Bluesky at @smashingsecurity.com, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).
Episodes

Nov 20, 2025 • 55min
We’re sorry. Wait, did a company actually say that?
Tricia Howard, a security intelligence pro at Akamai, and Snehal Antani, former JSOC CTO and current CEO of Horizon3.ai, delve into fascinating insights on cybersecurity. They reveal a rare corporate apology after a data breach and discuss the malicious hotel-booking malware targeting guests. Tricia explains how attackers exploit trust in booking systems, while Snehal shares the benefits of continuous autonomous penetration testing. They explore how AI affects both cybercrime and security responses, highlighting critical questions for CISOs.

Nov 13, 2025 • 38min
Tinder’s camera roll and the Buffett deepfake
Join Ron Eddings, founder of Hacker Valley Media and a creative force in cybersecurity, as he dives into the wild world of AI and deepfakes. Tinder’s new feature that rummages through users' camera rolls raises serious privacy concerns, while deepfake Warren Buffett scams target unsuspecting investors. Ron emphasizes the importance of verifying information from trusted sources and reading books over fleeting social media clips. They also explore the implications of AI agents in the workplace and the need for safeguards to prevent potential mishaps.

Nov 6, 2025 • 39min
The hack that messed with time, and rogue ransomware negotiators
Joining the discussion is Dave Bittner, an experienced cybersecurity journalist and host at The CyberWire. He dives into astonishing stories of a state-backed hacking group targeting a nation’s master clock, revealing the potential chaos that could ensue. Bittner also uncovers the shocking case of rogue ransomware negotiators in Chicago who turned into extortionists. Together with Graham Cluley, they explore the ethics and risks surrounding unregulated negotiation in the cybercrime landscape.

Oct 30, 2025 • 41min
Inside the mob's million-dollar poker hack, and a Formula 1 fumble
Join Danny Palmer, a seasoned cybersecurity journalist, as he delves into two thrilling tales of deception. Discover how basketball stars allegedly teamed up with the mafia for a multi-million-dollar poker scam using hacked shufflers and covert technology. Also, learn about a security flaw that exposed the personal information of Formula 1 drivers through a vulnerability in the FIA driver portal. Plus, Graham shares a wild CAPTCHA game that transforms mundane puzzles into a hilarious challenge.

Oct 22, 2025 • 44min
How to hack a prison, and the hidden threat of online checkouts
In this discussion, Scott Helme, a web security expert and founder of Report URI, shares a jaw-dropping tale of how an inmate manipulated prison web kiosks in Romania. He reveals how an inmate gained unauthorized access to staff credentials, allowing him to alter financial records and sentences. The conversation shifts to payment security, as Scott outlines new PCI DSS rules targeting risky JavaScript practices on payment pages, aiming to combat the infamous Magecart skimmers. Listeners also get tips on automating tasks using Keyboard Maestro and creating tutorials with Screen Studio.

Oct 15, 2025 • 45min
A breach, a burnout, and a bit of Fleetwood Mac
Annabel Berry, a leader in cyber team performance and wellbeing, shares her insights on managing stress and burnout in cybersecurity. She highlights the alarming rise in cyber threats and how a supportive leadership culture can enhance resilience. Annabel also discusses practical strategies for promoting mental health in security teams, such as encouraging open communication and implementing micro-breaks. Plus, there's a nostalgic nod to Fleetwood Mac with the re-release of Buckingham Nicks, bridging music and cyber discussions.

Oct 8, 2025 • 42min
When your mouse turns snitch, and hackers grow a conscience
Geoff White, an investigative journalist specializing in cybercrime for the BBC, joins to unpack the oddities of modern tech and ransomware. He reveals how seemingly harmless computer mice can eavesdrop on conversations, thanks to innovative research. The dialogue shifts to the curious moral dilemmas faced by ransomware gangs, like their unexpected backtracking after public outcry over a nursery attack. Along the way, Graham shares a life-changing baked potato hack and Geoff recommends a quirky travel book about Paraguay.

Oct 1, 2025 • 43min
Salesforce's trusted domain of doom
Paul Ducklin, a veteran cybersecurity expert, delves into a serious flaw in Salesforce's AgentForce, revealing how attackers exploited it for data breaches. They discuss the controversial nature of breach communications, critiquing companies that imply safety too soon. Ducklin also tackles the cultural shift towards 'assume breach' in cybersecurity. The conversation takes a lighter turn with insights on ITV's phone-hacking drama starring David Tennant and a fascinating exploration of the Rosetta Stone, highlighting its historical importance and lessons for collaboration.

Sep 24, 2025 • 39min
The €600,000 gold heist, powered by ransomware
Zoë Rose, a seasoned cybersecurity professional and consultant, dives into the world of ransomware and digital crime. She recounts the audacious €600,000 gold heist at the Paris Natural History Museum, made possible by a cyberattack that disabled alarms. Zoë also explains the Shai Hulud worm, which infiltrates over 180 npm packages, stealing sensitive data. Listeners gain valuable insights on securing developer practices and preventing supply-chain attacks, alongside the amusing downfall of smart fridges now displaying ads!

Sep 17, 2025 • 43min
Lights! Camera! Hacktion!
Join Jenny Radcliffe, the renowned 'people hacker' and social engineering specialist, as she delves into fascinating topics. She and Graham explore how an Iranian gang tricked Israeli performers with fake casting calls, revealing the power of emotional lures in phishing. Jenny also discusses a UK report highlighting students hacking their own schools, advocating for proactive cyber education. Plus, there's a whimsical chat about local legends like the Wirral’s mysterious 'Catman'. It's a captivating mix of intrigue and lighthearted banter!


