We have released an update today to ensure we use only HTTPS resources in our website, RSS feeds and embedded podcast players. This ensures HTTPS-only loading for all users of our embedded podcast players.
Note that because we use Amazon Cloudfront CDN to distribute these resources this requires SNI support in the browsers. Old browsers may fail to load images correctly but the player will still be fully functional. (Affected browsers are a very small single-digit percentage of our traffic, so impact should be low.)