leaking

  • Blog
    digitpatrox3 weeks ago
    47

    Google patched bug leaking phone numbers tied to accounts

    A vulnerability allowed researchers to brute-force any Google account’s recovery phone number simply by knowing a their profile name and an easily retrieved partial phone number, creating a massive risk for phishing and SIM-swapping attacks. The attack method involves abusing a now-deprecated JavaScript-disabled version of the Google username recovery form, which lacked modern anti-abuse protections. The flaw was discovered by security…

    Read More »
  • Blog
    digitpatroxMay 19, 2025
    81

    O2 UK patches bug leaking mobile user location from call metadata

    A flaw in O2 UK’s implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target. The problem was discovered by security researcher Daniel Williams, who says the flaw existed on O2 UK’s network since March 27, 2017, and was resolved yesterday. O2 UK is a British…

    Read More »
  • Blog
    digitpatroxAugust 15, 2024
    280

    GitHub Actions artifacts found leaking auth tokens in popular projects

    Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD workflows. Attackers stealing these tokens could gain unauthorized access to private repositories, steal source code, or inject malicious code into projects. The discovery by Palo Alto Networks’ Unit 42 prompted action by owners of…

    Read More »
Back to top button
close