Someone Is Hijacking Apple Podcasts - And It’s Really Weird
In Brief
- Apple Podcasts is auto-opening and loading bizarre, unsolicited podcast feeds.
- One feed contained an attempted XSS link, raising security concerns.
- Researchers warn the behavior could enable attacks if a vulnerability exists.
For months, something inexplicable has been happening inside Apple’s Podcasts ecosystem. Users on both iOS and macOS say the app is opening by itself, loading obscure religion and spirituality shows at random, and in at least one case, directing listeners toward what appears to be a malicious website.
It’s not a dramatic zero-day exploit, but it is strange enough that security researchers are now paying attention, especially because Apple hasn’t said a word about it, according to a 404 Media report published on November 27.
The behavior is consistent across reports. The Podcasts app launches on its own, surfaces an odd show that the user never subscribed to, and displays titles that look like corrupted links, abandoned RSS feeds, or old sermons pulled from forgotten corners of the internet.

Some episodes contain audio, while others are completely silent. Many of these feeds date back years, yet they’ve suddenly started appearing now without explanation.
A deeper look uncovered something more concerning. One of the mysterious podcast pages includes a redirect to a website attempting a classic cross-site scripting attack.
XSS isn’t cutting-edge hacking anymore, but it does involve injecting malicious code into a site that looks legitimate, hoping unsuspecting users will load it. It’s the same family of attacks that once enabled chaotic internet moments like the MySpace worm.
Experts Say The Behavior is Weird, But Potentially Meaningful
Security researcher Patrick Wardle tested the phenomenon himself and found that visiting certain websites can automatically trigger Apple Podcasts to open and load a show without user approval, without a pop-up, and without any of the usual macOS warnings that other apps (like Zoom) prompt for. As he said:
“The most concerning behavior is that the app can be launched automatically with a podcast of an attacker’s choosing. (…) I have replicated similar behavior, albeit via a website: simply visiting a website is enough to trigger Podcasts to open (and load a podcast of the attacker’s choosing), and unlike other external app launches on macOS (e.g., Zoom), no prompt or user approval is required.”
That level of silent interaction doesn’t constitute an attack on its own, he says, but it does create a delivery mechanism if a vulnerability exists within the Podcasts app. As he explained:
“Of course, very much worth stressing, on its own, this is not an attack. (…) But it does create a very effective delivery mechanism if (and yes, big if) a vulnerability exists in the Podcasts app.”
Wardle’s assessment echoes what other users have noticed. Someone appears to be probing Apple Podcasts, testing whether the app can be manipulated, and slipping in malformed links that could be used for more serious exploits.
A recent user review inside the Podcasts app outright asks how Apple allowed an attempted XSS attack on the platform at all. Specifically, the user gave one star to a podcast’s page, complaining:
“Scam. How does Apple allow this attempted XSS attack?”
The whole episode feels reminiscent of Google Calendar spam, where attackers pushed events onto users’ calendars containing phishing links and scams. The behavior wasn’t catastrophic, but it was persistent, annoying, and suggestive of a deeper systemic weakness.

In September, Apple users took to Reddit to express their frustration over the resurgence of an iOS Calendar phishing scam, this time mainly targeting cryptocurrency users, in which scammers sent spam invites and exploited iCloud infrastructure to sell get-rich-quick crypto schemes that led to losses.
For now, the situation sits in an uneasy middle ground, where it’s not dangerous enough to be an emergency, but strange enough that security researchers, longtime Apple users, and anyone who’s had a ghost podcast open on their screen can all sense something isn’t right.