Naukri bug exposed recruiter email IDs via mobile apps: Report
Live Events
A bug in Naukri .com's mobile apps exposed the email addresses of recruiters using the platform to hire talent, according to a report by TechCrunch. The vulnerability has since been fixed.Security researcher Lohith Gowda , who discovered the issue, said it was caused by a flaw in the API used by Naukri's Android and iOS apps. The bug exposed recruiter email IDs when they viewed candidate profiles. The web version of Naukri.com was unaffected.'The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam,' Gowda told TechCrunch.He also warned that the data could end up in public breach databases or spam lists, making it susceptible to bot abuse or scams.A senior IT infrastructure executive at Naukri said the issue was resolved earlier this week and added that the company had 'detected no unusual activity that affects the integrity of user data'.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Time of India
5 hours ago
- Time of India
Apple WWDC 2025: 'Big' updates coming to iPhones, iPads, MacBooks; what may be the 'hardware announcement'
Apple's annual Worldwide Developers Conference (WWDC) kicks off on June 9, 2025, promising a week of groundbreaking software announcements that will shape the future of its ecosystem. Tired of too many ads? go ad free now Running through June 13, the event will feature a keynote from Apple CEO Tim Cook at 10 a.m. PT (10.30 pm IST), streamed on Apple's website, Developer app, and YouTube channel, alongside an in-person experience for select developers at Apple Park. Like every year, the event will be big on software. New naming and lot of new feaures likely coming to iOS, iPadOS, MacOS and more With the tagline 'Sleek Peek,' WWDC 2025 will see updates to iOS, iPadOS, macOS, watchOS, tvOS, and visionOS, with a focus on design and AI integration. The headline announcement is expected to be a redesign of Apple's operating systems, potentially rebranded with a year-based naming scheme: iOS 26, iPadOS 26, macOS 26, watchOS 26, tvOS 26, and visionOS 26. Reports suggest iOS 26 will undergo its most significant overhaul since iOS 7, introducing a unified design language with floating tab views, updated iconography, and glass-like UI effects inspired by the Vision Pro's aesthetic. This cohesive look aims to rival Google's Android 16 revamp, prioritizing fluidity and personalization across devices. Updates on Apple Intelligence Apple Intelligence, introduced in 2024, will see further enhancements, though not as the centerpiece. Rumors indicate Apple will open its Foundation Models to third-party developers, enabling custom AI-powered features in apps like Safari and Photos, which may be quietly rebranded as 'AI-powered.' Tired of too many ads? go ad free now A long-awaited Siri overhaul remains in development but is unlikely to debut fully. Additionally, an AI-powered coding tool, possibly in partnership with Anthropic, could be introduced for Xcode, streamlining app development. iPadOS 26 may introduce a 'Pro' version with advanced multitasking, improved external display support, and professional-grade apps, catering to power users. watchOS 26 is expected to support third-party Control Center widgets, while tvOS 26 could feature a revamped CarPlay UI and animated lock screen artwork. visionOS 26 may bring native support for gaming controllers like PlayStation and Xbox, alongside minor UI tweaks to bolster Apple's spatial computing push. Likely hardware announcements at WWDC 2025 Hardware announcements are less likely, as Apple's recent M4 MacBook Air release and focus on fall hardware events suggest a software-driven WWDC. However, speculation persists about a potential M4 Ultra chip reveal or Mac Pro updates, though these are considered long shots. Developers will have access to over 100 technical sessions, online labs, and one-on-one consultations with Apple experts, covering topics like Swift, machine learning, and AR/VR tools. The Swift Student Challenge will also spotlight emerging talent, with 50 Distinguished Winners invited to a three-day Apple Park experience. As Apple aims to balance innovation with its privacy-first ethos, WWDC 2025 is set to lay the groundwork for a smarter, more cohesive ecosystem, with iOS 26 leading the charge. Stay tuned for live updates as Apple unveils its vision for the future.
India Today
7 hours ago
- India Today
KiranaPro blames ex-employee after massive data wipe, but will not rule out hack
Earlier this week, homegrown grocery-tech startup KiranaPro suffered what is being described as its most significant data loss to date. While the company initially suspected foul play by an external actor, a recent post by the CEO suggests a rather different narrative. Co-founder and CEO Deepak Ravindran took to X (formerly Twitter) to shed light on the incident, stating that following an internal investigation, the company believes a former employee may be responsible. According to him, an ex-employee, whose identity has not been disclosed, deliberately erased all company data. However, it's important to note that no concrete evidence has yet been presented to support this claim. India Today attempted to contact the company for clarification, but received no posted, "After careful investigation, we conclude that this was not a hack. No external party penetrated our ordering or payment systems, exploited vulnerabilities, or bypassed security protocols. Our external security posture remains intact, and there is no evidence of any unauthorized access from outside the organisation." "Instead, this was an internal data breach. Specifically, it was the result of actions taken by a trusted internal employee who had legitimate access to our systems. This individual intentionally deleted critical server logs while they were being tested and/or edited, an action that goes directly against our policies, our principles, and the trust we place in our team," he added. advertisement According to a TechCrunch report, the Bengaluru-based startup KiranaPro discovered last week that it had lost access to its back-end servers, and that critical data, including its app's source code, had been wiped from GitHub. On Friday, the company attributed the breach to a former employee. However, in a follow-up conversation with TechCrunch, KiranaPro's co-founder and CEO, Deepak Ravindran, admitted the company had failed to revoke the ex-employee's access after their departure, leaving open the possibility that their account may have been misused maliciously. 'To investigate thoroughly, we'll need a full forensic review,' Ravindran said, adding that the matter would be escalated to the board, investors, and legal counsel for a formal opinion on next on the same, Ravindran also highlighted the same in his post. He said that while the team is working to get the app back up live, it has also initiated a full forensic report to determine the complete scope and impact of the data deletion. He added, as part of its corrective measures, KiranaPro has bolstered access controls, enhanced audit logging, and restructured its multi-factor authentication protocols. Additionally, the firm has introduced a one-to-one entry log for database access and reinforced internal policies through improved training on data governance and privileged access. Legal and disciplinary proceedings are also being pursued against the individual deemed responsible, in accordance with the seriousness of the after posting this long and heavy post, the CEO says he cannot fully rule out the external hack option. TechCrunch reported that Ravindran has reservations about going full in to find the culprit. He said that to rule out the external hack option completely, the company has to run rigorous IP scans, which means a lot of resources will be consumed in the process. Hence, the company has decided not to delve deeper into the company does not want to investigate the third-party hacking option, it is keen to call out the former employee. In the report, Ravindran claims that the company has enough evidence, like GitHub response, to file an official complaint. But, the next steps are yet to be the X post, CEO stated that KiranaPro app (launched in December 2024) will be back in just a few months, with much better security measures. The platform, a buyer-facing application integrated with the Indian government's Open Network for Digital Commerce (ONDC), currently serves around 55,000 customers, with 30,000 to 35,000 active buyers spread across 50 cities, placing approximately 2,000 orders each day. What sets KiranaPro apart from conventional grocery apps is its voice-enabled interface, which supports multiple languages including Hindi, Tamil, Malayalam, and English, allowing users to place orders using simple voice commands.
Time of India
10 hours ago
- Time of India
iPhone users report Mail app issues after iOS 18.5 update; here's how to fix the problem temporarily
Representative Image Several iPhone users have reported facing technical issues with the Apple Mail app since updating to iOS 18.5. These problems include the app freezing, failing to respond, or displaying a blank or white screen. Users affected by this bug have shared their experiences across various online forums, including Reddit, MacRumors, and Apple's official discussion community. The widespread complaints indicate that this is a common problem for those who have installed the recent iOS update. How the iOS 18.5 update is affecting Mail app users on iPhone As per users' complaints, the issue seems to affect various iPhone models, with no specific device being singled out. The one common factor is that the problem reportedly began after installing iOS 18.5. However, these reports have only surfaced recently, even though Apple rolled out this version nearly a month ago. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Medical Mystery Solved: Dementia and Memory Loss Has Been Linked To This Common Thing. vitalgethealth Click Here Undo How to temporarily fix the Mail app issue in iOS 18.5 As the cause of the issue remains unknown, many of the affected users noted that closing and reopening the app resolves the issue, but only temporarily. Even restarting the phone is a band-aid at best, as the issue seems to invariably return. On Apple's discussion community, one person said that they spoke with an Apple support rep who advised them to force restart their phone. After taking that advice, the person said that Apple Mail had been working for more than four hours. Moreover, the Mail app bug doesn't seem to be affecting all iPhone users, as some noted that it's working fine for them even after installing the update. Apple has also yet to share any details or officially acknowledge the issue. Until the company does that and rolls out a fix, affected users are advised to contact Apple support for help. What to Expect at WWDC 2025: iOS 19, AI, M4 Macs & More AI Masterclass for Students. Upskill Young Ones Today!– Join Now
