Smashing Security18 Dec 2025

The Kindle that got pwned

Think your Kindle is harmless? Think again! In this episode, Graham and special guest Danny Palmer unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account and seize control of your credit card.

Plus a blast from 2021's "summer of ransomware" returns to haunt Ireland's Health Service Executive, as victims are offered €750 each.

And because it's the last show before the Christmas break, there's also a Pick of the Week that veers from cosy rom-com comfort to pointy-polygon nostalgia.

All this, and more, in episode 448 of the "Smashing Security" podcast with Graham Cluley, and special guest Danny Palmer.

🎅 🎄 Thanks to everyone for listening to "Smashing Security" during 2025 - we look forward to being back in your ear'oles in early January. Stay safe! 🎅 🎄

EPISODE LINKS:

Password manager provider fined £1.2m by ICO for data breach affecting up to 1.6 million people in the UK - ICO.
Trump Administration Turning to Private Firms in Cyber Offensive - Bloomberg.
Russian ban on Roblox gaming platform sparks rare protest - Reuters.
Once upon an exploit: how fake audiobook led to Kindle takeover - Cybernews.
Four years later, Irish health service offers €750 to victims of ransomware attack - Bitdefender.
When Harry Met Sally - Wikipedia.
When Harry Met Sally trailer - YouTube.
Tomb Raider 1-3 Remastered review - you were never going to smooth these games out - Eurogamer.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Privacy & Opt-Out: https://redcircle.com/privacy

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(465)

A breach, a burnout, and a bit of Fleetwood Mac

A critical infrastructure hack hits the headlines - involving default passwords, boasts on Telegram, and a finale that will make a few cyber-crooks wish the ground would swallow them whole. Meanwhile ...

15 Okt 202545min

When your mouse turns snitch, and hackers grow a conscience

Your computer's mouse might not be as innocent as it looks - and one ransomware crew has a crisis of conscience that nobody saw coming.We talk about how something as ordinary as a web page could turn ...

8 Okt 202542min

Salesforce's trusted domain of doom

Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed "ForcedLeak", let them smuggle AI-read instructions in via humble Web-to-Lead form... and ended up...

1 Okt 202543min

The €600,000 gold heist, powered by ransomware

Ransomware doesn’t just freeze computers - it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night...

24 Sep 202539min

Lights! Camera! Hacktion!

When "bad actors" stop being hackers and start being... actual actors.This week, Graham and special guest Jenny Radcliffe play “Hacker or Ham?” (yes, Steven Seagal, we’re looking at you), before divin...

17 Sep 202542min

Whopper Hackers, and AI Whoppers

Ever wondered what would happen if Burger King left the keys to the kingdom lying around for anyone to use? Ethical hackers did - and uncovered drive-thru recordings, hard-coded passwords, and even th...

10 Sep 202544min

How hackers turned AI into their new henchman

Your AI reads the small print, and that's a problem. This week in episode 433 of "Smashing Security" we dig into LegalPwn - malicious instructions tucked into code comments and disclaimers that sweet-...

3 Sep 202545min

Oops! I auto-filled my password into a cookie banner

We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal pas...

27 Aug 202534min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium