Your AI reads the small print, and that’s a problem. This week in episode 433 of “Smashing Security” we dig into LegalPwn – malicious instructions tucked into code comments and disclaimers that sweet-talks AI into rubber-stamping dangerous payloads (or even pretending they’re a harmless calculator).
Meanwhile, new research from Anthropic reveals that hackers have already used AI gents to break into networks, steal passwords, sift through stolen data, and even write custom ransom notes. In other words, one hacker with an AI helper can work like an entire team of cybercriminals.
Plus: a joyous geek detour into keyboard history, and the most diabolically annoying, fully functional AI-generated CAPTCHA that you will love to inflict on your friends.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with computer security veteran Graham Cluley, joined this week by Mark Stockley.
Warning: This podcast may contain nuts, adult themes, and rude language.
Host:
Graham Cluley:
@grahamcluley.com
@[email protected]
Guest:
Mark Stockley:
Episode links:
Sponsored by:
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Become a Patreon supporter for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
