Set as Homepage - Add to Favorites

【Watch A Sexy Wedding Planner Online】

Source:Warmth Information Network Editor:Social Good Time:2025-06-26 12:05:50

Google has fixed a security flaw that exposed the email addresses of YouTube users,Watch A Sexy Wedding Planner Online a potentially massive privacy breach.

Google — which owns YouTube — has confirmed that the vulnerabilities discovered by cybersecurity researchers, who go by Brutecat and Nathan, have been addressed, according to a report in BleepingComputer.

Aside from the breach of privacy that would've affected all YouTube accounts, many YouTubers like controversial content creators, investigators, whistleblowers, and activists keep their identities anonymous to protect their safety. Exposing such users' emails could have had huge ramifications.

You May Also Like
SEE ALSO: Google is reportedly developing a ‘fake’ email feature to help you avoid spam

Brutecat discovered that blocking a user on YouTube revealed a unique internal identifier Google uses for each user across all of its platforms (Gmail, Google Drive, etc.) called a Gaia ID. They then figured out that simply clicking the three dot icon of a user's live chat profile to access the block function triggered an API request that revealed their Gaia ID.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

This in itself is already a security flaw since it exposed the unique identifiers for YouTube accounts that is only meant to be used internally. But now that Brutecat was able to retrieve users' Gaia IDs, they set out to see if they could reveal the email addresses associated with each ID.

With Nathan's help, the two researchers surmised they could do this with "old forgotten Google products since they probably contained some bug or logic flaw to resolve a Gaia ID to an email." Using Google's Recorder app for Pixel devices, they tested sharing a recording with an obfuscated Gaia ID and blocked the user from receiving an email notification by renaming the file with a 2.5 million letter name, which broke the email notification system because it was too long.

Now that the hypothetical victim wouldn't be notified, the researchers sent the file sharing request with the Gaia IDs, effectively converting the ID into an email address.

Related Stories
  • Apple Maps follows Google, relabels Gulf of Mexico as America
  • Google: We're not participating in European fact-checking rules for Search or YouTube
  • YouTuber GamersNexus sues Honey over alleged scam

Thanks to Brutecat and Nathan's sleuthing, Google was able to lock down that vulnerability and prevent hackers from accessing everyone's email address associated with their YouTube accounts. The vulnerability was disclosed to Google in Sep. 2024 and was finally fixed on Feb. 9, 2025. That's a long time for potential exposure, but Google confirmed to BleepingComputer that there were "no signs that any attacker actively exploited the flaws."

In exchange for their work, the researchers received a cool $10,633. Phew, crisis averted.

Topics Cybersecurity YouTube

Previous:Turtle Beach Recon 50P gaming headset deal: 28% off

Next:Best headphone deal: Take 22% off the Sonos Ace at Amazon

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

Another video on YouTube intended for kids is going viral for all the wrong reasonsInstagram can't stop flood of grisly photos from Bianca Devins' murderWhere do women filmmakers stand in India’s major film festival?Apple will allow thirdHow to learn the basics of floral design onlineApple Music is coming to Teslas soon, report claims'The White Lotus' isn't a whodunnit. So why are we watching it like one?The U.S. is building its case against FTX founder Sam Bankman'The White Lotus' Season 3: Behold, our dream castAnother Roomba ran over dog poop and then proceeded to 'clean' the houseWe regret to inform you that brands are storming Area 51 memesSeth Rogen calls out Twitter on Lil Nas X’s big day as CEOApple Music is coming to Teslas soon, report claims'The White Lotus' isn't a whodunnit. So why are we watching it like one?'Avatar: The Way of Water' review: Can James Cameron go too big?Wordle today: Here's the answer, hints for December 13Ivanka Trump congratulates Boris Johnson, next PM of the 'United Kingston'Xiaomi 13 Pro flagship has a Snapdragon 8 Gen 2 chipMorocco vs Portugal livestream: How to watch FIFA World Cup quarterfinals live3 reasons why 'Crisis Core: Final Fantasy VII Reunion' is a must Boeing Starliner arrives at ISS WWDC 2024: AirPods will let you accept calls by nodding Mars dust devils leave wild tracks all over Martian crater A meteorite punched a hole in a dog house. Now it's a collector's item. WWDC 2024: iOS 18 features include scheduling texts and more iMessage tapbacks Stunning fat bear wakes up from hibernation and is still huge SpaceX achieves incredible feat of 3 launches in 36 hours China’s local governments consider purchasing Tesla cars for the first time: report · TechNode NASA rover spots strange Martian rock revealing wild watery past Behold the Milky Way's supermassive black hole in first Bangladesh vs. Netherlands 2024 livestream: Watch T20 World Cup for free Spotify will help you curate a personalised Glastonbury lineup A NASA rover just found trash on Mars See NASA's tenacious Ingenuity helicopter soar over Mars NASA demonstrates power of Webb telescope with Spitzer comparison NYT's The Mini crossword answers for June 9 Wordle today: The answer and hints for June 10 Huawei’s HarmonyOS kernel achieves 100% self NASA's InSight lander will run out of power, ending historic Mars mission NASA's Mars Curiosity rover spots rocks resembling fingers

1.967s , 8225.078125 kb

Copyright © 2025 Powered by 【Watch A Sexy Wedding Planner Online】,Warmth Information Network  

Sitemap

Top

Quick Links