Smashing Security podcast #475: JadePuffer – the AI that ran a ransomware attack all by itself

Hacking stories and cybersecurity insights.

Smashing Security podcast #475: JadePuffer - the AI that ran a ransomware attack all by itself

A 15-year-old boy asked a chatbot for help – and cancelled nearly 47,000 anime streaming subscriptions in under four hours. Meanwhile, researchers have documented the first fully autonomous, agentic AI-driven ransomware attack, “JadePuffer”. What does this tell us about the future of cybersecurity?

Also, Apple’s “Hide My Email” feature turns out to hide rather less than it promises – despite Apple knowing it has a problem for over a year.

All this and more in this episode of the “Smashing Security” podcast with cybersecurity expert and keynote speaker Graham Cluley, and special guest Zoë Rose.

0:00
0:00 0:00
0:00
Show full transcript
TranscriptThis transcript was generated automatically, probably contains mistakes, and has not been manually verified.
ZOE ROSE
We need an LLM that says, here's how to do it. And don't forget to consider these things.
Unknown
No, no, we don't need that actually, Zoe. We don't need any help for the criminals in covering up the tracks. Interesting. Interesting that you should suggest that.

Smashing Security, episode 475. JadePuffer, the AI that ran a ransomware attack all by itself. With Graham Cluley and special guest Zoe Rose.

Hello, hello, and welcome to Smashing Security episode 475. My name's Graham Cluley.
ZOE ROSE
And I'm Zoe Rose.
GRAHAM CLULEY
Hello, Zoe. Welcome back to the show. It's been a while since you've been on. How are you doing?
ZOE ROSE
Well, usually when I join, something massive has happened.
GRAHAM CLULEY
Right.
ZOE ROSE
At the moment, I have not acquired another child or a pet.
GRAHAM CLULEY
So, well done.
ZOE ROSE
Yeah.
GRAHAM CLULEY
So for those who don't know Zoe, what are you? I mean, people who haven't heard of you before, what do you do exactly?
ZOE ROSE
That's a good question. What do I do? I work in security and pretend I know what I'm talking about half the time.
GRAHAM CLULEY
Oh, okay. It seems fair enough. And you work for a big company?
ZOE ROSE
I have a bloody long title now, actually. That's the change. That's what's new. My title has massively increased.
GRAHAM CLULEY
Okay, give us your title. Let's hear it.
ZOE ROSE
All right. It is C-Cert, which if you know what that stands for, it has more words, but we'll just stick to some letters. Security Operations Development Manager.
GRAHAM CLULEY
Wow.
ZOE ROSE
Yeah.
GRAHAM CLULEY
Security Operations Development Manager, like SODOM, is basically what you're saying.
Unknown
Yeah, sure.
GRAHAM CLULEY
Interesting. Well, before we kick off, let's thank this week's wonderful sponsors, Arctic Wolf, NordLayer, and Vanta. We'll be hearing more about them later on in the podcast.

This week on Smashing Security, we're not going to be talking about how a Greek politician investigating spyware had his own mobile phone hacked.

You'll hear no discussion of how a US Department of Homeland Security information sharing database has been accessed by hackers.

And we won't even mention how hackers are using a fake World Cup t-shirt offer to spread malware. So Zoe, what are you going to be talking about this week?
ZOE ROSE
I'm going to talk about Apple's Hide My Email isn't actually as hidden as it sounds like.
GRAHAM CLULEY
And I'm going to be telling the tale of how a 15-year-old with a chatbot became a cybercriminal and what happens when the AI just does the whole job itself.

All this and much more coming up on this episode of Smashing Security.
JOE
Graham, am I right in thinking that Arctic Wolf are sponsoring the show this week?
GRAHAM CLULEY
You are right, Joe.

They've just published a new report, 2026 State of the Cybersecurity Attack Surface, and they analysed over 800,000 real IT assets to find out how exposed organisations actually are.
JOE
And I'm guessing everything is hunky-dory.
GRAHAM CLULEY
No, not so much. The reality is they found 1 in 3 IT assets is missing at least one critical security control.
JOE
One in three? That's terrible.
GRAHAM CLULEY
Isn't it just? 10% of assets have no endpoint security at all. 17% are completely invisible to the tools that are supposed to be monitoring them.
JOE
So the tools don't even know those assets exist?
GRAHAM CLULEY
Right. Ghost assets wandering around your network, unprotected, unmonitored.
JOE
Like a retired geography teacher who's somehow still on the school network.

Nobody added him, nobody removed him, and he's been quietly in there for 11 years downloading maps of Paraguay.
GRAHAM CLULEY
Yeah, yeah, I guess so, Joe. The point is, your attackers will find him before you do because they are specifically looking for the forgotten, the unpatched, the invisible.

That's the path of least resistance.
JOE
So what does the report tell us to actually do about it?
GRAHAM CLULEY
Arctic Wolf's report covers how to prioritize the exposures that actually matter. Cut through all that noise and verify that when you fix something, it actually stays fixed.

And the report is free to download.
JOE
Free! I like that. Where do I get it?
GRAHAM CLULEY
SmashingSecurity.com/ArcticWolf.
JOE
That's SmashingSecurity.com/ArcticWolf. And thanks to Arctic Wolf for supporting the show. And please keep an eye on your IT assets and retired geography teachers.
GRAHAM CLULEY
So, chums, I want to tell you about two stories really this week. On the surface, they don't seem connected.

One of them involves a fully automated, sophisticated, AI-driven ransomware attack against a company. Nasty stuff.

The other involves a 15-year-old lad in Japan who just wanted to cause some chaos on an animation streaming website.

These stories appear different, but they're actually telling the same story. And that story is something we've been warning about for a while.

That the skills needed to commit a cyberattack are in the hands now of practically everybody on the internet. So let's start in Japan. Have you ever been to Japan, Zoe?
ZOE ROSE
I have not.
GRAHAM CLULEY
Well, it's a fabulous place, I have to say. If you ever get the chance, it's a great place to go and visit. So anyway, I love Japan. I love Japanese culture.

One of the things which is really big in Japan is anime. Are you into anime at all?
ZOE ROSE
I think I've seen some, but I'd probably be the worst guest to try and talk about it in any educated way.
GRAHAM CLULEY
Oh, don't worry. I'm not going to talk about it in an educated way. It's that animation where everyone's got really big eyes. It's a big deal, particularly in Japanese culture.

And there is a popular anime streaming service called Bandai Channel. And you can think of it as being a bit like Japanese Netflix, but specifically for anime.

And last November, something really odd happened on this particular streaming service. People found that they were being unsubscribed.

Not just a few people, but thousands and thousands of them. By the time Bandai Channel noticed and shut down all of its services — what the hell's going on here?

We're going to turn everything off — a total of 46,812 accounts had been cancelled in under 4 hours.
ZOE ROSE
Oh, mate.
GRAHAM CLULEY
Bandai Channel investigated what it thought might be a leak of its membership database.

And this week, Japanese police have arrested the person that they believe to be the culprit of this particular attack, a 15-year-old schoolboy.
ZOE ROSE
Eh, as you would, yeah.
GRAHAM CLULEY
And according to media reports, he'd been teaching himself about computers since primary school, and he had built the attack tool that targeted Bandai Channel using ChatGPT.
ZOE ROSE
All right, I could see that. I mean, I can't say that open source tooling or any tooling out there hasn't already been used maliciously, just like it is used for research.

So it stands to reason that this would also be used, honestly.
GRAHAM CLULEY
But the only thing is, of course, that the AIs are meant to have guardrails to prevent you from writing malicious code.
ZOE ROSE
Guardrails, oh yeah, okay.
GRAHAM CLULEY
Oh, I think they've got better, haven't they, over time?

They have got better, but what you're saying, I guess, in Zoe Rose's hacking house, maybe you are capable of subverting the security and getting around it with your elite skills.

Is that what you're saying?
ZOE ROSE
Mate, you don't have to be that complex. Just keep trying. I think that we have to remember that this stuff is built by us, humans, and we are not the most effective people.

We make mistakes and it just amplifies our mistakes.
GRAHAM CLULEY
So, this 15-year-old schoolboy, he just described what he wanted to a chatbot, and the chatbot helped him build a programme that could break into accounts and cancel the subscriptions.

According to reports, the teenager told police he didn't have a particular grudge against the company. He just could do it, and so he did do it.
ZOE ROSE
I relate to this child. I would have to say, if I was a 15-year-old child doing this, I'd be like, "Mate, it works!" I'd be so excited.
GRAHAM CLULEY
I think there's probably a lot of listeners as well who can identify that maybe aged 15, they would've done something like that as well.

I would like to think, Zoe, that you wouldn't do it now. A little bit of adult common sense or decorum.
ZOE ROSE
Sure, yeah, of course.
GRAHAM CLULEY
You don't sound convinced. Now, he is not the only teenager in Japan to have harnessed the power of AI to hack in this way.

In December last year, a 17-year-old from Osaka was arrested for using ChatGPT to build a tool that hoovered up 7.25 million records from a chain of internet cafes.

And apparently his goal was to steal credit card information from members in order to then go and buy Pokémon cards, which, I mean, it sounds like a complete cliché, doesn't it?

In Japan to do something like this.

Before that, in February, three teenagers — a 14-year-old, a 15-year-old, a 16-year-old — were arrested for using ChatGPT to fraudulently generate mobile phone contracts in other people's names.

And they sold these stolen Rakuten mobile subscriptions for cryptocurrency and then used the proceeds to gamble online and buy video game consoles.

So there's been a fair amount of this.

Three separate cases in Japan, multiple teenagers, all using AI chatbots as their primary development tool, just like teenagers are probably using AI to write their homework these days as well.

Now, I don't want to suggest that these kids are going to a chatbot and just typing in something like "hack the Bandai channel" into ChatGPT.

The 15-year-old arrested this week clearly had some existing tech expertise.

But what is happening is the gap between being an interested teenager who's got some computer knowledge and a person capable of attacking a platform with 46,000 users and stealing their information — that has noticeably reduced.

That's one of the big changes AI has caused.
ZOE ROSE
I would say yes, but they got caught. Operational security, I think, is quite difficult to do.
GRAHAM CLULEY
Yes. They still didn't cover their tracks properly, but AI impresses me with the speed with which it can code. Your boss isn't listening — have you ever done any vibe coding, Zoe?
ZOE ROSE
You know, I have made use of certain functionality of AI to figure out what it could do.

It is interesting and I will admit it is helpful, but, and that's the big but, if I know what I need done and I understand the foundations, I can make it effective for me.

So, if I'm not a skilled person and I'm using it for a skilled resource, it's noticeably lacking a lot of things.
GRAHAM CLULEY
You don't think it's getting better? Can you foresee a time when it becomes more professional, maybe?
ZOE ROSE
I do see it getting better, yes.

But I think the way that our brains seem to function is if we think that this feature can work for us, we start to lose that functionality in ourselves.
GRAHAM CLULEY
Yes.
ZOE ROSE
And so we're not—
GRAHAM CLULEY
Our brain turns to porridge is what you're saying if we use AI too much.
ZOE ROSE
I used to be able to figure out how to walk to different places alone. Now it's like, where is my map?
GRAHAM CLULEY
Right.
ZOE ROSE
So, I think yes, AI is getting better.

I don't ever, well, maybe, maybe I'm wrong, but I don't foresee it in the near future to fully replace people because it doesn't have that capability.

But the problem is before it gets to the place where it can replace people, do we still have the skills on our side?
GRAHAM CLULEY
Yes.
ZOE ROSE
To do the critical thinking.
GRAHAM CLULEY
Good point.

Well, what it feels like to me is that something which would have taken years of study for a human and weeks of hard work can now be accomplished in an afternoon with the aid of an AI.
ZOE ROSE
Well, wouldn't we just call those script kiddies? Wouldn't they still classify as that?
GRAHAM CLULEY
Well, maybe they would, but if a script kiddie can hack into an organisation and cancel accounts.
ZOE ROSE
But they used to be able to do these things as well with other tools.
GRAHAM CLULEY
Yes, but they needed some sort of assistance, didn't they? Whereas now you can know nothing at all. You don't have to have spent any time on the script kiddy forums.
ZOE ROSE
I suppose, I suppose. Maybe it's just faster.
GRAHAM CLULEY
Yeah.
ZOE ROSE
Fair enough.
GRAHAM CLULEY
It feels to me like that's where things are heading, which brings us to my second story.
ZOE ROSE
I'm going to flag, I'm going to flag the point that I made earlier is that operational security isn't always there.
GRAHAM CLULEY
Yes, we can hopefully catch them later.
ZOE ROSE
We need an LLM that says, here's how to do it. And don't forget to consider these things.
GRAHAM CLULEY
No, no, we don't need that actually, Zoe. We don't need any help for the criminals in covering up the tracks. Interesting, interesting that you should suggest that.

This thought that AI can be harnessed by people with little technical knowledge to cause some harm brings me to my second story, which shows, I believe, where things are heading.

So security researchers at Sysdig have just published what they're calling the first documented case of fully autonomous AI-driven ransomware.

This is not AI-assisted, it's not AI-accelerated or any of those sort of marketing terms. There's no human steering the attack at all.

This is just an AI agent doing the entire job from start to finish entirely by itself. And they're calling this thing Jade Puffer. Because, well, why wouldn't you?
JOE
Yeah.
GRAHAM CLULEY
I don't know why they've called it Jade Puffer, to be honest.
ZOE ROSE
Because it's an excellent name.
GRAHAM CLULEY
Well, yes, I know, but why didn't they call it lumpy trousers? Or why didn't they call it—
ZOE ROSE
Because Jade Puffer is more exciting.
GRAHAM CLULEY
Oh, okay. Alright. Well, I was thinking maybe someone at Sysdig in their lab was a fan of tropical fish ornaments. Maybe it's just a very dull job.

Maybe, maybe the name is actually made up by an AI. Maybe.
ZOE ROSE
Could be.
GRAHAM CLULEY
There you go. Putting someone out of work again, Zoe.
ZOE ROSE
Oh, when I have to think of codenames for things, I usually stick to a theme. I'm not going to say what theme because I might embarrass myself, but I stick to a theme.

So all my codenames are in a theme. So if you figure out certain projects and certain things that needed codenames anywhere I've worked, you probably can guess which ones I created.
GRAHAM CLULEY
That's one of Zoe's. So Jade Puffer is doing the entire job.

It finds a way in, it steals passwords, it breaks into secondary servers, it encrypts the data, it leaves a ransom note demanding bitcoin, all without a single human having to put a hoodie on in their darkened bedroom.
ZOE ROSE
Excellent.
GRAHAM CLULEY
Now, the unnamed victim organisation, they weren't exactly running a tight ship, to be honest. Apparently they had some software with a known security flaw.

There'd been a patch out for at least a year. They hadn't patched it. And it was internet-facing.
ZOE ROSE
And so most organisations.
JOE
Yeah.
GRAHAM CLULEY
Yeah. So Jade Puffer was able to get in and it helped itself to passwords, account details, API keys for OpenAI and Anthropic and Google Gemini.

'Cause you know, that's often what they're after now. They don't want to use their own AI tokens. They'd rather use someone else's.

And they're stealing cloud infrastructure credentials for AWS, and cryptocurrency seed keys to break into wallets.

And then it moved on to its real target, which was the company's production database.

And it tried to create a hidden admin account for itself to access that database, but it failed. It made a technical error.

And what was eye-opening was that the AI diagnosed the problem as it was trying.
ZOE ROSE
Oh, cool.
GRAHAM CLULEY
And fixed— no, not cool, Zoe Rose, not cool at all. You really got to remember what side you're on. And it fixed the problem. And it took round about 31 seconds to fix the problem.

Now, Sysdig's researchers, they said if a human had read that same error message—
ZOE ROSE
Lots more searching online.
GRAHAM CLULEY
Yeah, they would then have had to have Googled it. They'd then have to go and make a cup of tea or something, or whatever it is, you know, scratch their head for a bit.

It would have not taken 31 seconds to recode in order to do it properly.
ZOE ROSE
You know what this makes me think though? I should rethink my stance on automated pen tests. Oh, maybe there is an AI out there that could be a decent red teamer.
GRAHAM CLULEY
Yeah, well, there are more and more companies who are beginning to do that, aren't there? Anyway, Jade Puffer sorted itself out.
ZOE ROSE
Good on it.
GRAHAM CLULEY
Encrypted all the items in the database, deleted the originals, so the data is now gone. So it's been held hostage.
ZOE ROSE
Do they know? Question. Do they know? If the ransomware actually is done properly and it can actually revert backwards, or is it all gone?
GRAHAM CLULEY
A very good question.

And the kind of question which would only be asked by a cynical cybersecurity expert such as yourself, because actually you have put your finger on the whole flaw in this plan.
ZOE ROSE
Oh mate, did I?
GRAHAM CLULEY
So although it did encrypt the files and it did generate a unique decryption key, which was going to be the only thing which would ever unlock those files for the victim, it failed to send that key back to the criminals.

So it effectively disappeared. Even if someone had paid, there was no chance you were ever going to get the decryption key back to get your data back.

So there was a flaw in the code.
ZOE ROSE
Well, we've seen this before though, in legitimate people. Yes. Actual cybercriminals. So maybe the AI is at the functional level of sass in people already.
GRAHAM CLULEY
Maybe it is.

But more than that, in the actual ransom note where it listed the bitcoin address, what it used was a generic bitcoin address, which is used in all the bitcoin documentation.

It's like using .
ZOE ROSE
That's excellent. I love these little failures. It's just yeah, lovely. It's like these script kiddies.

I know how to do this because it's done it for me, but I don't actually know how to apply it logically.
GRAHAM CLULEY
Yes.
ZOE ROSE
And it's a limited capacity of this highly functional, very fast, efficient tooling that's still not there. I don't know, it's just really interesting to me.
GRAHAM CLULEY
And there were other things which were interesting about this ransomware as well, because the security researchers, they knew they were looking at an AI rather than a human attacker.

Because the AI couldn't stop itself from offering a running commentary on what it was doing.

So when they looked at its attack scripts, they were stuffed with comments and explanations of what it was doing.

And as we know, no humans are ever gonna document— It's commenting!
ZOE ROSE
Oh my goodness, it's like a programmer that can't comment their own code. It's bloody commenting. It's like—
GRAHAM CLULEY
So the AI had left comments in its own code discussing which parts of the database were the best return on investment. I love this. So, yeah.

Less than ideal for the criminals, really.
ZOE ROSE
Well, I mean, to be fair though, if they got the money, they got the money. They didn't have to do that much. So, their return on investment ain't that bad, is it?
GRAHAM CLULEY
Well, but they haven't got the money 'cause they didn't list the right bitcoin address.
ZOE ROSE
Oh, okay, never mind.
GRAHAM CLULEY
They listed the example one. So, they bungled, basically. They've got an AI accomplice, and it has bungled. Achieved precisely nothing other than damage.
ZOE ROSE
But maybe it was a test, and maybe they've had it successful since then, innit? 'Cause how many companies actually say when they've been hit by ransomware?
GRAHAM CLULEY
That's true. It may well have since been developed further, and maybe it is succeeding.

So what connects this 15-year-old in Japan who zapped these 46,000 anime accounts and this rogue AI that wiped a company's database and then forgot how to actually extort the money afterwards?

I think the connection is that AI is making it easier to be a cybercriminal. It is opening up this career opportunity, if you like, to more people.

So as people are struggling with the cost of living, as people are finding, oh, crumbs, you know, I can't get a job or whatever, more people might be tempted into cybercrime because AI could well help them.

JadePuffer, this new ransomware, it's not perfect. It fell over. It failed to handle the encryption properly and extort any money.

But sooner rather than later, as you've already suggested, I think problems like that are going to be fixed.
JOE
This week's episode is supported by NordLayer.
GRAHAM CLULEY
NordLayer. And before anyone says anything, no, it's not NordVPN.
JOE
I wasn't going to say that.
GRAHAM CLULEY
You were absolutely going to say that, Joe. They are both from Nord Security, but NordLayer is a completely different product. NordVPN is for individuals.

NordLayer is a network security platform built for businesses.
JOE
Right, so what does NordLayer actually do?
GRAHAM CLULEY
Well, think about how your team works today. People logging in from home, from hotel Wi-Fi, from coffee shops, from wherever.
JOE
From a sun lounger, hopefully.
GRAHAM CLULEY
You'd be lucky. And the moment someone logs into a company network over an unsecured connection, you've got a problem. Credentials intercepted, phishing attacks, unauthorised access.

It's a scary world out there for travelling workers.
JOE
So NordLayer fixes that.
GRAHAM CLULEY
It gives you encrypted connectivity for your whole team from anywhere, up to 1 gigabyte per second with zero additional hardware required.

But it goes well beyond just encrypting the connection.

You get centralised control over who can access what based on their identity, their device, whether their device is actually compliant, and if someone leaves the company, you revoke their access immediately.
JOE
No more ex-employees still wandering around your systems 6 months later.
GRAHAM CLULEY
No more of that. And it will block malicious sites, risky downloads, dangerous domains, and it can even detect shadow apps.

So if someone on your team has started using some AI tool that your security team hasn't approved—
JOE
I'd never do that.
GRAHAM CLULEY
Yeah, well, whatever. NordLayer can spot that too. And there's no complex infrastructure to set up. Apparently you can be up and running in just about 10 minutes.
JOE
10 minutes.
GRAHAM CLULEY
10 minutes. Plans start from just $8 per user per month. And right now there is a summer sale. New customers get up to 20% off annual plans until the end of August 2026.

Use the code NLsummer26 at checkout.
JOE
Whoa, all I have to do is type in that code at nordlayer.com/smashing and I can get a great deal? Let me write that down.
GRAHAM CLULEY
Yep, go ahead, write it down.
JOE
What's the code again? I forgot.
GRAHAM CLULEY
Oh, Joe. NLsummer26.
JOE
Got it. Off to nordlayer.com/smashingigo.
GRAHAM CLULEY
And thanks to NordLayer for supporting the show. Zoe, what's your story for us this week?
ZOE ROSE
I was talking about Apple's Hide My Email. So if you don't know what that is, it's if you have an iCloud account, you can select the feature that says Hide My Email.

It generates a random email address that you can enter instead of your main email.

Theoretically, the point is privacy, to keep from the association with this, whatever you're signing up for, with your true identity.
GRAHAM CLULEY
Yeah. And presumably it means that you will know where someone got your email address from. So if you create—
ZOE ROSE
It's like watermarking it. Yeah.
GRAHAM CLULEY
Yeah. And you could obviously shut it down if it's then abused by spammers or scammers in some way.
ZOE ROSE
Yeah. I use it for the use case that you just said, so I can have it for a temporary amount of time. Remove it, and then I'm good. It's very useful for that.

I don't use it for a highly sensitive sort of, maybe I don't want somebody to associate this action with my identity. I don't use it in that use case.

But being as what it was marketed as, I could imagine a lot of people do.
GRAHAM CLULEY
Right.
ZOE ROSE
Right. So that's more the concern for me.
GRAHAM CLULEY
So what's happened with it? What's happened with this Hide My Email feature?
ZOE ROSE
There is a vulnerability, quote unquote, that you can associate your generated email address with the original legitimate mailbox.
GRAHAM CLULEY
Right.
ZOE ROSE
Yeah.

So theoretically, if I go to a naughty site and I want to sign up for an account and I don't want you to see it's me, I could use this generated account and then this site will email this generated account, which would then come to my main legitimate email.
GRAHAM CLULEY
Yes.
ZOE ROSE
And then if I don't want it anymore, I can delete the account on the website or disable it within my settings. Very useful.

Theoretically, it's going to be very helpful for a lot of people. From my perspective, I would still make the assumption that that's traceable without knowing that it was. Yeah.

I didn't know it was. I always assumed it would be because, you know, it's technology and technology is—
GRAHAM CLULEY
Flawed.
ZOE ROSE
Rubbish.
JOE
Yes.
ZOE ROSE
Yeah, that's a nice way of saying it.
GRAHAM CLULEY
A dumpster fire. Yes.
ZOE ROSE
Yeah, perfect. And I used to work in OSINT, so open source intelligence. My job used to be aggregating data and connecting the dots and making very overly-sized webs of details.

You know that picture where it's like the guy and he's got the pictures and all the red strings together?
GRAHAM CLULEY
Oh, the red string, yes, like a conspiracy board, yes.
ZOE ROSE
Mate, that was me, and that's exactly what I did.

And I still look it, but LLMs, further to what you were talking about, they just make that easier as well because you can aggregate data quite quickly with a lot of tooling.

I imagine they're using LLMs as well to aggregate more data, because it's not that difficult to tag and connect the dots.
JOE
Right.
ZOE ROSE
Right? These vulnerabilities probably make it much easier. I mean, I imagine it is. And so, I would always take the assumed compromise approach.

So, I would always assume that they're connectable. But as a non-technical person, I could 100% see how they would not think that this is connectable.

And if you're doing it because you're hiding some kink, okay, embarrassing, not the end of the world. But for some users, they're trying to get help for dangerous situations.

Maybe they're a survivor of domestic abuse and violence.
GRAHAM CLULEY
Yes, yes.
ZOE ROSE
So this could be quite risky for them if their abuser is able to connect the dots, if their stalker is able to identify them.

And so I agree with the Smashing Security researchers' publication of the fact that it is vulnerable and it is not protecting you in the way that it's supposed to be, or it claims to be.

The disappointing thing is apparently it was June last year that the vulnerability was disclosed to them.
GRAHAM CLULEY
Oh, to Apple. So Apple's known about this for a year.
ZOE ROSE
According to the article, it was a year, and in May the update was it was going to be resolved shortly, and we're in July and there's no resolution yet.
GRAHAM CLULEY
Ah.
ZOE ROSE
So that's why, from what I've read, that's why they wanted to publish it, because they're concerned for the safety of people that are making use of this.
GRAHAM CLULEY
So that feels quite noble to me that the researchers withhold technical details of exactly how to exploit this to prevent that sort of exploitation event, people obviously finding themselves in a pickle, but Apple should have done something by now, surely.
ZOE ROSE
Well, and it's disappointing because Apple always likes to market themselves as privacy-focused, right? And if you're going to market yourself that way, bloody do it.
GRAHAM CLULEY
Yeah, walk the walk. Yeah.
ZOE ROSE
And there are priorities.

So the one thing I always get frustrated with, they're marketing their autonomous cars, is they're not actually autonomous, or they can't achieve what they want, or they don't even have the capability that they're marketing.

And that's dangerous for people's safety. This is also dangerous.

Maybe it's not as physically visible how dangerous it can be, but I work and volunteer with organisations that support survivors of domestic abuse and violence.

I've also been through a very similar situation myself. It's scary being in that environment.

And when the technology you're relying on to protect you, and in some people's case it is protecting their life, and you're not doing it to the best of your ability, that's, that's really, really disappointing.

So I'm hoping it resolves it, but I think the main takeaway here is you cannot rely 100% on technology. You just can't.
GRAHAM CLULEY
So I've got a question, Zoe. Is a broken privacy feature worse than no privacy feature?

Because of the false confidence it creates, because people would have used this thinking they were being private, thinking they were doing the right thing.
ZOE ROSE
And in many cases they probably were fine. Right. In many cases it's probably fine.

It's the cases that it's not fine and assuming that it is, that you're protected, where it can go drastically wrong.

I think knowing that it is broken allows you to consciously choose what use cases is it going to fit for, right?

Not knowing means that you're unconsciously putting yourself at risk, and that's what I'm not okay with. I still make use of the functionality for the case that I've already said.

If I want to have a temporary mailbox, it's a great resource. It's still connectable, yes, but it's a great resource. I can just remove it.
GRAHAM CLULEY
And I also know there are some other third-party services which offer sort of masked emails and things like Fastmail. I think ProtonMail offers this as well.
ZOE ROSE
They do, yep, and they're useful if you 100% want to keep them separate.

At the end of the day, you have to be separate, but as our lovely 15-year-old found out, OPSEC is very difficult. Right?

And so, if you want to keep them separate for your own safety or for specific reasons, maybe you have a much, much more intense threat map than I do, and you've got nation state after you, then there's a lot more to consider.
GRAHAM CLULEY
But I guess for now, all eyes are on Apple and how they're going to respond to this, albeit 13 months later.
ZOE ROSE
Well, and it goes back to responsibility because they're marketing it as hide my email address and they know there's a vulnerability.

So, who's accountable there if something happens? How do we force organisations to care? And I think at the end of the day, we're European, right?

Well, European, not EU for you, but—
GRAHAM CLULEY
Thanks for reminding me.
ZOE ROSE
Just in case you forgot. To be fair, I'm not either.

But at the end of the day, we have more protections than somebody in North America because of the regulations and putting the accountability back on the vendor.

So, as these things happen and as technology changes, as much as I hate regulation and compliance for the sake of compliance, I do hope it makes a difference and puts more accountability back on the organisations to respond in an appropriate timeframe and not market falsely.
GRAHAM CLULEY
Well, we've got time now to talk about one of today's sponsors, Vanta. Joe, what keeps you up at 2 o'clock in the morning?
JOE
The dog next door, mostly.
GRAHAM CLULEY
Oh, right, well, yeah, but I'm talking professionally, what keeps you up?
JOE
Oh, whether we've got the right security controls in place, whether our vendors are secure, how to escape the nightmare of outdated tools and endless manual processes.
GRAHAM CLULEY
Exactly, which is where today's sponsor comes in. It's Vanta.
JOE
Fanta, the fizzy orange drink. How can this possibly be true?
GRAHAM CLULEY
No, no, Joe, it's Vanta with a V. It's a trust management platform. It's not a drink full of sugar.

It automates all of that tedious manual compliance work so you can stop drowning in spreadsheets, chasing audit evidence, and filling out questionnaire after questionnaire.
JOE
Lush, I hate questionnaires.
GRAHAM CLULEY
Well, who doesn't? Vanta continuously monitors your systems. It centralises your security data. It keeps your program audit ready all of the time.

It also uses AI to streamline evidence collection and flag risks. It automates compliance for SOC 2, ISO 27001, HIPAA, GDPR, and more.
JOE
So basically it handles the boring stuff so we can focus on the interesting stuff.
GRAHAM CLULEY
Exactly. Precisely that. And for a limited time, new customers can get $1,000 off. $1,000? Yep, $1,000.

Head to vanta.com/smashing, that's V-A-N-T-A dot com slash smashing, and get started today.
JOE
And maybe get a decent night's sleep for once. Oh, and unlike fizzy drinks, Fanta isn't bad for you. That was a fruit twist.
GRAHAM CLULEY
And welcome back, and you join us at our favourite part of the show, the part of the show that we like to call Pick of the Week.
JOE
Pick of the Week.
ZOE ROSE
Pick of the Week.
GRAHAM CLULEY
Pick of the Week is the part of the show where everyone chooses something they like.

Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app, whatever they wish. Doesn't have to be security related necessarily.

Now, my pick of the week this week is related to a news story which I saw on July 1st.

TV stations in America, they broke their 24-hour rolling news to report on what was going on at the Empire State Building in New York.
ZOE ROSE
We are following breaking news out of New York City where at least two people have climbed to the very top of the Empire State Building. You can see them there.

They're on the antenna with a flag.
GRAHAM CLULEY
That is 1,554 feet above the ground.

They appear to be protesters and have unfurled a banner that says, "When the power of love beats the love of power, the world knows peace." NBC New York is covering all of it.
ZOE ROSE
We're going to take a listen right now.
GRAHAM CLULEY
Did you see this at all, Zoe?
ZOE ROSE
I did not.
GRAHAM CLULEY
Well, they had helicopter crews circling around one of the world's most famous buildings because a man and a woman had climbed right to the very, very top.

They unfurled a banner saying, "When the power of love beats the love of power, the world knows peace," which is, you know, a very groovy thing to say.

They got down from the very top onto a platform and the man got down on one knee and nervously proposed to the woman who had climbed up there with him.

And, you know, it was all in some ways charming, in other ways just like, what the bloody hell are they doing?

Is this what everyone's going to be doing now to propose to each other? This is insanity. And they were arrested, of course. Their names are Angela Nikolau and Ivan Birkus.

They are two Russian, what are called, rooftoppers, who climb buildings. You know, they don't have all the safety gear. They just go up in their trainers, it seems.
ZOE ROSE
What is it called, like free climbing or something?
GRAHAM CLULEY
It's that kind of thing. They break into buildings. They're not doing this with permission. They evade security teams.
ZOE ROSE
May I guess that? Yeah.
GRAHAM CLULEY
Anyway, this interested me in this case, and I found out that they were the subject of a Netflix documentary a couple of years ago called Skywalkers: A Love Story.

And it is that documentary which is my pick of the week. And I'll tell you something about myself, Zoe. I am terrified of heights, right?

I can't stand on a stool, let alone climb up a ladder.
ZOE ROSE
Mate, I am 155 centimetres, and that is as tall as I need to be.
GRAHAM CLULEY
Right, right. So you and me both, right? Yeah.

I have in the past got up into the loft in my house and I've then been stuck there for 45 minutes thinking, how am I going to get— and that's when there's a ladder attached to the loft.

You know, it's like, how am I going to get down? But aside from being terrified of heights, I am weirdly drawn to them. I am always thinking, oh, I want to test my fear of heights.

See, is this quite as scary. Will I want to throw myself off the— that's my worry, is my brain will sort of short circuit and throw myself off just impulsively.

Anyway, I cannot tell you how stomach-churning this documentary was to me because I'm watching these two people climb buildings without permission.

And they sort of fell in love doing it, which is charming, but sometimes they're having a bit of a row on the way, which has all been recorded on their GoPros.

And the woman at one point was having a real panic attack, which is understandable. I would be having a panic attack. I would feel paralysed as well.

And the guy is saying, "Come on, you can do it," and all the rest of it. And she's like, "No, no, really, I can't." And then she wants to, she wants to prove that she can.

I'm not saying that what these guys do is advisable or admirable. I think there's—
ZOE ROSE
We should flag that there have been people that have died from doing that sort of thing.
GRAHAM CLULEY
Oh, and some of their friends had died as a result of this. So that is covered in the documentary. So, I mean, it is absolutely appalling.

I also think it's questionable why Netflix, you know, why is this documentary being made? Is there then a compulsion for people to carry on doing these things?
ZOE ROSE
Yeah.
GRAHAM CLULEY
Rather than working in a sandwich bar or something like that. It's, it's—
ZOE ROSE
I feel like that's not the two alternatives, climbing a ginormous building or making sandwiches.
GRAHAM CLULEY
This woman, by the way, this woman.
ZOE ROSE
Yeah.
GRAHAM CLULEY
She climbs these buildings, she's on Instagram, right? And so she's got hundreds of thousands of followers.

So what she does is she takes an outfit with her, she's got her heels, and she's doing all these sort of glamorous shots of herself doing acrobatics on the top of buildings, you know, which, I mean, they are amazing photographs, but surely if there was one reason why AI was invented was to stop people climbing up buildings and putting their lives at risk to pose on top of a skyscraper.

Anyway, is this my pick of the week, or is this my nitpick of the week?
ZOE ROSE
I have to say, you're criticising Netflix for— Yes! Providing this resource, and also recommending it.
GRAHAM CLULEY
Well, I'm bringing it to light. So this could be a nitpick of the week, rather than a pick of the week. I'm not sure which it is, but anyway, I found it compelling, and—
ZOE ROSE
I would like you to watch it again with the goggles. What do they call that? Like virtual reality?
GRAHAM CLULEY
Oh my God.
ZOE ROSE
What? So that you're single point of view of her?
GRAHAM CLULEY
I'm not wearing virtual reality goggles.
ZOE ROSE
I would love that.
GRAHAM CLULEY
Are you insane? I would never do such a thing. Anyway, Skywalker's A Love Story. Is it my pick of the week? Is it a nitpick of the week?

I'm not sure, but that is what I'm talking about on Smashing Security today.
ZOE ROSE
Excellent.
JOE
Phew.
GRAHAM CLULEY
Okay, Zoe, what's your pick of the week?
ZOE ROSE
My pick of the week is, I am a single mother of two children and a cat. I'm pretty sure my cat is Satan, but, so I'm very busy.
GRAHAM CLULEY
So you're the mother of Satan?
ZOE ROSE
Basically.
GRAHAM CLULEY
Right, lovely.
ZOE ROSE
Anyway, pick of the week is, I have no time, and so I've discovered, and by discovered I mean heavily forced to stop not considering by multiple people throughout many years, to purchase a Thermomix.
GRAHAM CLULEY
Oh, now I know what one of those is. Why don't you describe it for our listeners, what a Thermomix is?
ZOE ROSE
A very, very expensive kitchen tool. But I will say, if you don't like clutter, I was able to remove an insane amount of kitchen tooling.

And donate it because I've got this Thermomix replaced. But basically it weighs, it measures, it mixes and cooks and all of those fancy things.

I've made ice cream and lemonade and every dinner, and it does my shopping.
GRAHAM CLULEY
It's not just cold food, it can do hot food. I have lived in a house with a Thermomix before.
ZOE ROSE
Oh, wow.
GRAHAM CLULEY
So I do know— the embarrassing truth is that I only ever made boiled rice in it. But I know that you can do extraordinary things.
ZOE ROSE
So I've got all the recipes.
GRAHAM CLULEY
They're very expensive. I mean, as a boiled rice machine, I thought this was overpriced, I have to say. Oh no, I did pasta as well. I did pasta as well. But you know, it is—
ZOE ROSE
You are so bland right now. I did pasta.
GRAHAM CLULEY
They are expensive devices.
ZOE ROSE
Okay. They are expensive. And you have to have a subscription to the app for recipes. You don't have to, but I do.
GRAHAM CLULEY
No, come on.
ZOE ROSE
Super beneficial though, because I go through the app, I choose the recipes, put in a shopping list.

It makes shopping super bloody easy because then I just put it in the thing that delivers. Because I'm not going to the shop with two children and a bloody cat.

So it's really useful and it allows me to cook things that are actually really good, to the point where, because I'm not a very good cook, let's be honest.

You want me to investigate an incident? Right on. You want me to cook pizza from scratch? Questionable. But in this case, it works.
GRAHAM CLULEY
And it can boil rice very reliably in my experience.
ZOE ROSE
It even makes cake. I made cheesecake the other day. That's so clever. And muffins, because it has a thingy that goes on top and you can steam them.
JOE
Right. Yeah.
GRAHAM CLULEY
Very clever. Very cool pick of the week. Take out a mortgage though to buy one. Well, that just about wraps up the show for this week. Zoe, thank you so much for joining us as a guest.

I'm sure lots of listeners would love to find out what you're up to and follow you online. What's the best way to do that?
ZOE ROSE
Well, I am not massively active online because I'm getting old. And also going back to the mum comment, they could go to my website, rose.com, if they really want.

But I think I'd also like to flag that if they're somebody that related to the story I said earlier about high threat profiles, I would suggest they go and look at organisations like Operation Safe Escape or any organisations that specifically tailor their support to domestic abuse and violence survivors, because they will understand those threat maps a lot better than I can summarise.
GRAHAM CLULEY
Fantastic stuff. Well, we really appreciate you being on the show.

And listeners, you can find me, Graham Cluley, on LinkedIn or follow Smashing Security on Bluesky and Reddit and Mastodon. And don't forget to ensure you never miss another episode.

Follow Smashing Security in your favorite podcast apps such as Apple Podcasts, Spotify, and Pocket Casts for episode show notes, sponsorship info, guest lists, and the entire back catalog of 475 episodes.

Check out smashingsecurity.com. Until next time. Cheerio, bye-bye. Cheers. You've been listening to Smashing Security with me, Graham Cluley.

Thanks ever so much to Zoe Rose for joining us this week and to this episode's sponsors, Arctic Wolf, NordLayer, and Vanta.

Make sure to check out their special offers because they're supporting the show.

And talking of people supporting the show, thanks to the following fine fellows, all signed up members of Smashing Security Plus. Let's pick out some of them from the hat right now.

We've got first up, Darryl Green and Dave Barker. Both of them sound very dependable. I'd trust them to look after my plants while I'm on holiday.

Big yay to Richard Anand, Christoph Goossens and Travis West. Travis West.

Sounds like a Wild West character riding into town, sorting out your endpoint security, then riding off again without a word. And not also to Heisenberg.

We know who you are, but we can't be certain where you are. And that's fine.

Big thanks to Darren Kenny and to the magnificent Trogdork, a name that sounds like the final boss you'd have to beat in a game of Zelda, but probably turns out to be really good at patching vulnerabilities.

Oh, and finally, Daniel Kromeck and Billy, just Billy, one name Billy, no further questions. He's happy with that.

Those are just a few members of Smashing Security Plus, which means that they get their episodes completely ad-free, earlier than the general public as well, they get them.

And they can have their names pulled out at random to be mercilessly mocked at the end of the show. Who could want for more?

If you fancy a little bit of that, join Smashing Security Plus. Just head over to our little club at smashingsecurity.com/plus for all of the details.

But you don't have to become a member of that. You could support the show in ways which don't cost a penny by liking, subscribing, leaving a 5-star review wherever you listen.

That will warm my cockles. And of course, tell your friends about the show. Spreading the word really does help. And, well, until next time, cheerio, bye-bye.

Host:

Graham Cluley:

Guest:

Zoë Rose:

Episode links:

Sponsored by:

  • Arctic Wolf – See why 1 in 3 IT assets is missing a critical security control. Download the 2026 State of the Cybersecurity Attack Surface report.
  • NordLayer – the network security platform for modern teams across different work environments. Use code NLSUMMER26 for up to 20% off annual plans.
  • Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and hosts the popular "Smashing Security" podcast. Follow him on TikTok, LinkedIn, Bluesky and Mastodon, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.