How hackers turned AI into their new henchman
Smashing Security
Graham Cluley
4.7 • 579 Ratings
🗓️ 3 September 2025
⏱️ 45 minutes
🧾️ Download transcript
Summary
Your AI reads the small print, and that's a problem. This week in episode 433 of "Smashing Security" we dig into LegalPwn - malicious instructions tucked into code comments and disclaimers that sweet-talks AI into rubber-stamping dangerous payloads (or even pretending they’re a harmless calculator).
Meanwhile, new research from Anthropic reveals that hackers have already used AI agents to break into networks, steal passwords, sift through stolen data, and even write custom ransom notes. In other words, one hacker with an AI helper can work like an entire team of cybercriminals.
Plus: a joyous geek detour into keyboard history, and the most diabolically annoying, fully functional AI-generated CAPTCHA that you will love to inflict on your friends.
EPISODE LINKS:
- LegalPwn: Abusing Legal Disclaimers to Trigger Prompt Injections - Pangea Labs.
- LegalPwn: Tricking LLMs by burying badness in lawyerly fine print - The Register.
- LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code - HackRead.
- One long sentence is all it takes to make LLMs misbehave - The Register.
- Londoners give up eldest children in public Wi-Fi security horror show - The Guardian.
- Targeted social engineering is en vogue as ransom payment sizes increase - Coveware.
- State of Malware 2025 - ThreatDown.
- Cybercrime in the Age of AI - ThreatDown.
- Threat Intelligence Report: August 2025 - Anthropic.
- The Day Return Became Enter - Marcin Wichary.
- Ethan Mollick’s terrible AI-generated CAPTCHAs - Twitter.
- The very worst AI-generated CAPTCHA? - Claude.ai.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORED BY:
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
ENJOYED THE SHOW?
Make sure to check out our sister podcast, "The AI Fix".
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript
Click on a timestamp to play from that location
| 0:00.0 | But AIs can still be tricked. |
| 0:04.7 | For instance, a couple of months ago, researchers at Palo Alto Research, they discovered the simple way to break through the guardrails was to use terrible grammar and no punctuation and have a sentence which has no full stop at the end, which would be the normal point at which the guardrail would have a chance to kick in before the jailbreak takes effect |
| 0:21.6 | and so just as long as you keep on and on on on nona nona nonna nona nonna no no no no no no no please interrupt me mark |
| 0:27.0 | I've just thinking I've worked with programmers who use exactly the same tactic |
| 0:30.3 | smashing security Smashing Security, Episode 433, |
| 0:44.2 | How Hackers turned AI into their new henchmen with Graham Cluley. |
| 0:49.2 | Hello, hello, and welcome to Smashing Security episode 433. |
| 0:52.9 | My name's Graham Cluelly. |
| 0:55.3 | And I'm Mark Stockley. |
| 1:02.8 | Mark, lovely to have you on the show again. Of course, listeners will know about you. But for those who haven't yet experienced you, you are not only the co-host on that marvellous podcast known as |
| 1:08.2 | the AI Fix. That's true. Alongside me, but you're also the cybersecurity |
| 1:12.8 | evangelist at Threatdown. That's true too. And for people who haven't heard of Threat Down, |
| 1:17.8 | what is that? So Threat Down is the business product side of Malwarebytes. So probably everybody's |
| 1:23.8 | heard of Malwarebytes. Yes. Lots of people have got great stories about using |
| 1:27.9 | malware bites to battle virus infections back in the day. And Threatdown is basically that |
| 1:32.5 | stuff but then built for businesses. Oh, cool. Well, before we kick off, let's thank this |
| 1:37.6 | week's wonderful sponsor Vanta. We'll be hearing more about them later on the podcast. |
| 1:42.9 | This week on Smashing Security. |
| 1:45.1 | We won't be talking about how British luxury carmaker Jaguar Land Rover has been hit |
| 1:49.7 | by a cyber attack, thus severely affected its retail and production systems. |
| 1:56.2 | You'll hear no discussion of how the US Department of Homeland Security has fired 24 people |
| 2:02.0 | after hackers broke into FEMA, the Federal Emergency Management Agency, |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Graham Cluley, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Graham Cluley and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.