Smashing Security·Apr 29, 2026·1h 4m·Episode #465

This developer wanted to cheat at Roblox. It cost millions

Download audio Show notes Apple Podcasts

Show notes

Meanwhile, there's a 1980s phone protocol called SS7 that lets shadowy surveillance companies track anyone, anywhere, via their mobile phone. Governments know about it. Telecoms know about it. Nobody's fixing it.

All this and more in episode 465 of the "Smashing Security" podcast with cybersecurity keynote speaker and industry veteran Graham Cluley, joined this week by special guest James Ball.

Plus! Don't miss our featured interview with Rob Edmondson of CoreView, discussing how to lock down Microsoft 365 before it's too late.

EPISODE LINKS:

Burglar alarm biz gets burgled, ShinyHunters pursues ransom - The Register.
Ransomware negotiator pleads guilty after leaking victims' insurance details to 'BlackCat' hackers - Tom’s Hardware.
Grok tells researchers pretending to be delusional ‘drive an iron nail through the mirror while reciting Psalm 91 backwards’ - The Guardian.
Vercel April 2026 security incident - Vercel.
App host Vercel says it was hacked and customer data stolen - TechCrunch.
Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials - Hacker News.
Sorry for the Nazi spam from my Twitter account - Graham Cluley.
Bad Connection: Uncovering Global Telecom Exploitation by Covert Surveillance Actors - Citizen Lab.
Surveillance vendors caught abusing access to telcos to track people's phone locations, researchers say - TechCrunch.
The rapid rise of phone surveillance firms - The Bureau of Investigative Journalism.
Please shut up about your Spotify Wrapped - The New World.
Think For Yourself - Beatles Song Identification Game.
Nodes: Free Connection Puzzle & Vertex Game Alternative.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

Elastic – AI is transforming security operations, but security is still a data problem. Learn how context-rich data drives faster, more reliable defence.
Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

← Previous

Rockstar got hacked. The data was junk. The secrets it revealed were not

A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game currency. Meanwhile, there's a 1980s phone protocol called SS7 that lets shadowy surveillance companies track anyone, anywhere, via their mobile phone. Governments know about it. Telecoms know about it. Nobody's fixing it. All this and more in episode 465 of the "Smashing Security" podcast with cybersecurity keynote speaker and industry veteran Graham Cluley, joined this week by special guest James Ball. Plus! Don't miss our featured interview with Rob Edmondson of CoreView, discussing how to lock down Microsoft 365 before it's too late. EPISODE LINKS: Burglar alarm biz gets burgled, ShinyHunters pursues ransom - The Register. Ransomware negotiator pleads guilty after leaking victims' insurance details to 'BlackCat' hackers - Tom’s Hardware. Grok tells researchers pretending to be delusional ‘drive an iron nail through the mirror while reciting Psalm 91 backwards’ - The Guardian. Vercel April 2026 security incident - Vercel. App host Vercel says it was hacked and customer data stolen - TechCrunch. Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials - Hacker News. Sorry for the Nazi spam from my Twitter account - Graham Cluley. Bad Connection: Uncovering Global Telecom Exploitation by Covert Surveillance Actors - Citizen Lab. Surveillance vendors caught abusing access to telcos to track people's phone locations, researchers say - TechCrunch. The rapid rise of phone surveillance firms - The Bureau of Investigative Journalism. Please shut up about your Spotify Wrapped - The New World. Think For Yourself - Beatles Song Identification Game . Nodes: Free Connection Puzzle & Vertex Game Alternative . Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: Elastic – AI is transforming security operations, but security is still a data problem. Learn how context-rich data drives faster, more reliable defence. Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser . Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW: Follow us on Bluesky or Mastodon , or on the Smashing Security subreddit , and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy