Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns.
The critical and important-severity flaws were found by a team at the China-based Tiunfu Cup hacking challenge.
The information exposed in a public cloud bucket included PII, church-donation information, photos and users’ contact lists.
Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far.
The company patched a vulnerability that could connected video and audio calls without the knowledge of the person receiving them.