CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 18, 2026

Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed

Graham Cluley Archived Jun 18, 2026 ✓ Full text saved

What if your AI coding assistant could be tricked into stealing your own company's secrets - by reading a single booby-trapped bug report? No phishing email. No malware. No password ever stolen. Just an AI doing exactly what it was told. Meanwhile, someone themselves Nightmare Eclipse has decided to teach Microsoft a lesson. The result? Three zero-days dropped on the internet, one of which lets a thief with a USB stick walk straight past BitLocker. Microsoft is furious. Plus don't miss our featu

Full text archived locally
✦ AI Summary · Claude Sonnet


    Graham Cluley @ 12:10 am, June 18, 2026  @grahamcluley.com  / grahamcluley What if your AI coding assistant could be tricked into stealing your own company’s secrets – by reading a single booby-trapped bug report? No phishing email. No malware. No password ever stolen. Just an AI doing exactly what it was told. Meanwhile, someone themselves Nightmare Eclipse has decided to teach Microsoft a lesson. The result? Three zero-days dropped on the internet, one of which lets a thief with a USB stick walk straight past BitLocker. Microsoft is furious. Plus don’t miss our featured interview with Son Nguyen Kim of Proton Pass, who explains why plugging AI agents into your email and calendar without thinking twice is rather like hiring a new employee with the keys to everything – and skipping the background check. All this and more in episode 472 of the “Smashing Security” podcast with cybersecurity expert and keynote speaker Graham Cluley, and special guest Paul Ducklin. Smashing Security #472 AI gets hacked, and BitLocker gets bypassed ↺ 15 ↻ 30 0:00 0:00 0:00 0:00 1× Show full transcript ▼ Host: Graham Cluley:  @grahamcluley.com  @gcluley@mastodon.green  / grahamcluley Guest: Paul Ducklin:  @pducklin@infosec.exchange  / pducklin Episode links: ShinyHunters claims 61M Sysco records – Cybernews. Derbyshire police officer under investigation for using AI to create evidence – Derbyshire Times. Maine forced to take down data breach portal after fake notices filed with authorities – Hot for Security. A Fake Bug Report Hijacks Your AI Coding Agent – and Nothing Catches It. – Tenet Security. Agentjacking: a fake bug report hijacks AI coding agents – TNW. When anti-virus goes rogue – A trifecta of Defender zero-days – SolCyber. BitLocker in crisis? The “YellowKey” zero-day in plain English – SolCyber. Microsoft versus Full Disclosure: The ongoing Nightmare Eclipse saga – SolCyber. BitLocker, Defender, zero-days, and bragging rights: More MS nightmares – SolCyber. Inside the FBI’s Kinetic Cyber Range – FBI. Inside the FBI’s Kinetic Cyber Range – YouTube. Computer worm strikes International Space Station – Graham Cluley. Raspberry Pi Zero W – Raspberry Pi. There’s still life in old technology. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Proton Pass – The password manager for businesses that can’t compromise on security or slow their team down. Start a free trial. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! CoreView – How secure is your Microsoft 365 tenant? Find out with CoreView’s free Microsoft 365 Tenant Security Scanner. Support the show: You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser. Join Smashing Security PLUS for ad-free episodes and our early-release feed! Follow us: Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes. Thanks: Theme tune: “Vinyl Memories” by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Found this article interesting? Follow Graham Cluley on LinkedIn, Bluesky, or Mastodon to read more of the exclusive content we post. AI Data loss Encryption Malware Microsoft Podcast Windows #AI #artificial intelligence #BitLocker #data breach #Microsoft #Podcast #Smashing Security #vulnerability Graham Cluley Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and hosts the popular "Smashing Security" podcast. Follow him on TikTok, LinkedIn, Bluesky and Mastodon, or drop him an email.
    💬 Team Notes
    Article Info
    Source
    Graham Cluley
    Category
    ◇ Industry News & Leadership
    Published
    Jun 18, 2026
    Archived
    Jun 18, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗