A hacker bursts the bubble of inflatable fetish fans, Hollywood celebrities unwittingly record videos in a Kremlin plot, and there's a particularly devious WordPress-related malware campaign.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Fuzzy Duck - Wikipedia.Cybercrime author Geoff White demonstrates his NSFW balloon trick at the "Smashing Security" podcast Christmas party - Reddit.Rule 34 - Wikipedia.We are (temporarily) offline - InflateVids on Patreon.Fast Company’s Apple News access hijacked to send an obscene push notification - The Verge.Fast Company Hacker on Rogue Apple News Notification: ‘Anyone Could Have Done It’ - Vice.The WordPress backdoor with its own backdoor! (And fake CVE numbers, too) - Paul Ducklin.Russian influence and cyber operations adapt for long haul and exploit war fatigue  - Microsoft.How Zelensky became Hollywood man of the hour - The Guardian.Nigel Farage wishes Hugh Janus a happy birthday - YouTube.Don Johnson - Cameo.Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky - The Register.Winning hearts and minds - Military Wiki.AdGuard Home - GitHub.Garmin Edge 130 Plus - Garmin.Garmin Connect IQ - Garmin.The Thermapen.Flat Whisk Stainless Steel Egg Beater Mixer Kitchen Tool - Amazon.