If your iPhone or Mac has started acting like it’s possessed – specifically, if the Apple Podcasts app keeps popping open on its own to play random shows you’ve never heard of – you aren’t crazy.
Users have been reporting this for months. One minute their device is idle, and the next, the Podcasts app launches itself and loads up bizarre, obscure shows. These aren’t top-chart hits; they are often random religious sermons, empty audio files, or shows with titles full of gibberish code.
Ghost Podcasts and Auto-Launches
Security researcher Patrick Wardle dug into this and found something unsettling: a website can force your Podcasts app to open and load any show the site owner wants, all without asking for your permission. On a Mac, most apps ask before launching from a web link (like Zoom does), but Podcasts apparently skips that safety check entirely.
Even sketchier? Some of these “ghost” podcasts contain links in their descriptions that try to run malicious code (called an XSS attack) or redirect you to scam websites.
Why It Matters: Security Blind Spots
The scary part isn’t really the weird podcasts themselves; it’s how they are getting there.
The fact that an outsider can remotely trigger an app on your phone or laptop to open and load specific content without you touching anything is a major security red flag. Wardle notes that this isn’t a full-blown “hack” of your device yet, but it’s a wide-open door that shouldn’t be there. It essentially turns the Podcasts app into a delivery system for scams or malware.
Think of it like the old “Google Calendar spam” issue, where random events would appear on your schedule with shady links. This is the same concept, but it’s happening in an app you likely trust implicitly. If attackers find a deeper crack in the app’s code, they could use this auto-launch trick to do serious damage.
What’s Next: Will Apple Fix This?
Here is the frustrating part: Apple hasn’t said a word. Despite this happening for months and researchers ringing the alarm bells, there has been no public acknowledgement and no fix released yet.
Security experts think bad actors are currently “probing” the system – basically testing the fences to see what they can get away with. Until Apple patches this loophole, be skeptical. If your Podcasts app opens uninvited, don’t get curious. Close it immediately and definitely do not click any links in those weird show notes.
