Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
Google’s Email Leak Blunder: Privacy Promises Up in Smoke!
Google could leak YouTube channel email addresses, thanks to vulnerabilities found by a researcher named Brutecat. By sharing a Pixel Recorder file with a Gaia ID, email addresses were exposed, despite notifications being blocked with a sneaky script. Initially awarded $3,133, Google upped the bounty to $10,633 after recognizing the risk.
Hot Take:
Google’s accidental leak of YouTube email addresses is like a magician accidentally dropping his rabbit out of the hat – not a great look for a company that promised to keep its tricks under wraps. But hey, at least they fixed it and threw some cash at the guy who pulled back the curtain on their privacy goof-up!
Key Points:
- Security researcher Brutecat found two vulnerabilities in Google’s system that could reveal YouTube email addresses.
- By exploiting these flaws, email addresses could be exposed via Google’s People API and Pixel Recorder app.
- Google initially offered a $3,133 bounty but later increased it to $10,633 after realizing the high exploitation potential.
- Fortinet discovered a CVSS 8.0 vulnerability in FortiOS, impacting administrative privileges.
- Cisco addressed a security incident involving the Kraken ransomware group claiming data leaks.
Already a member? Log in here