Security
Headlines
HeadlinesLatestCVEs

Tag

#google

Google Bug Allowed Brute-Forcing of Any User Phone Number

The weakness in Google's password-recovery page, discovered by a researcher called Brutecat, exposed private user contact information to attackers, opening the door to phishing, SIM-swapping, and other attacks.

DARKReading
Open in Source
#google
Patch Tuesday, June 2025 Edition

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.

20 Top-Level Domain Names Abused by Hackers in Phishing Attacks

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

Google bug allowed phone number of almost any user to be discovered

Google has fixed a vulnerability in its account recovery flow which could have allowed attackers to find linked phone numbers.

About Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-32701, CVE-2025-32706) vulnerabilities

About Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-32701, CVE-2025-32706) vulnerabilities. When Microsoft disclosed these vulnerabilities in the May Patch Tuesday, attackers were already exploiting them in the wild. The Common Log File System (CLFS) is a general-purpose logging service that can be used by software clients running in user-mode or kernel-mode. […]

Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account

Google has stepped in to address a security flaw that could have made it possible to brute-force an account's recovery phone number, potentially exposing them to privacy and security risks. The issue, according to Singaporean security researcher "brutecat," leverages an issue in the company's account recovery feature. That said, exploiting the vulnerability hinges on several moving parts,

A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account

Phone numbers are a goldmine for SIM swappers. A researcher found how to get this precious piece of information through a clever brute-force attack.

Think Your IdP or CASB Covers Shadow IT? These 5 Risks Prove Otherwise

You don’t need a rogue employee to suffer a breach. All it takes is a free trial that someone forgot to cancel. An AI-powered note-taker quietly syncing with your Google Drive. A personal Gmail account tied to a business-critical tool. That’s shadow IT. And today, it’s not just about unsanctioned apps, but also dormant accounts, unmanaged identities, over-permissioned SaaS

Litecoin Security: How to Spot, Avoid, and Recover from Crypto Scams

It seems not a day goes by without news of another crypto scam targeting unsuspecting holders. Those owning…