A security vulnerability allowed attackers to obtain any Google user's phone number by exploiting IPv6's address space and bypassing botguard protections. The flaw exposed phone numbers through rate limit manipulation and infrastructure weaknesses.
DDoSecrets has released 410 GB of heap dump data obtained from a hack of TeleMessage's archive server. The data includes information from the company's customers, which reportedly include law enforcement agencies and financial institutions.
TeleMessage's customer list includes DC Police, Andreessen Horowitz, JP Morgan, and hundreds of other organizations, according to analysis of 410 GB of Java heap dumps from the company's archive server.
A security researcher discovered that BrowserStack is leaking users' email addresses. The researcher uses unique email addresses for each service and identified BrowserStack as the source of email leaks. This allows tracking which services are responsible for data exposure.
Micah Lee has created an open source research tool called TeleMessage Explorer to analyze data from a massive hack of TeleMessage, the company behind a modified Signal app used by Trump's former national security advisor Mike Waltz.
Apollo.io claims to have obtained the author's phone number from Parsely, Inc (wpvip.com), which participates in Apollo's customer contributor network by sharing data. The author questions whether WordPress VIP leaked their personal information.