Latest news with #LohithGowda
Economic Times
25-05-2025
- Business
- Economic Times
Naukri bug exposed recruiter email IDs via mobile apps: Report
Live Events A bug in Naukri .com's mobile apps exposed the email addresses of recruiters using the platform to hire talent, according to a report by TechCrunch. The vulnerability has since been researcher Lohith Gowda , who discovered the issue, said it was caused by a flaw in the API used by Naukri's Android and iOS apps. The bug exposed recruiter email IDs when they viewed candidate profiles. The web version of was unaffected.'The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam,' Gowda told also warned that the data could end up in public breach databases or spam lists, making it susceptible to bot abuse or scams.A senior IT infrastructure executive at Naukri said the issue was resolved earlier this week and added that the company had 'detected no unusual activity that affects the integrity of user data'.
Time of India
25-05-2025
- Time of India
Naukri bug exposed recruiter email IDs via mobile apps: Report
A bug in Naukri .com's mobile apps exposed the email addresses of recruiters using the platform to hire talent, according to a report by TechCrunch. The vulnerability has since been fixed. Security researcher Lohith Gowda , who discovered the issue, said it was caused by a flaw in the API used by Naukri's Android and iOS apps. The bug exposed recruiter email IDs when they viewed candidate profiles. The web version of was unaffected. 'The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam,' Gowda told TechCrunch. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like 2025 Top Trending local enterprise accounting software [Click Here] Esseps Learn More Undo He also warned that the data could end up in public breach databases or spam lists, making it susceptible to bot abuse or scams. A senior IT infrastructure executive at Naukri said the issue was resolved earlier this week and added that the company had 'detected no unusual activity that affects the integrity of user data'. Live Events
Yahoo
24-05-2025
- Business
- Yahoo
Naukri exposed recruiter email addresses, researcher says
a popular Indian employment website, has fixed a bug that exposed the email addresses of recruiters using its platform to search and hire talent online. The issue, discovered by security researcher Lohith Gowda, affected the API that Naukri used on its Android and iOS apps. The API exposed the email addresses of recruiters visiting profiles of potential candidates on Naukri's platform. The issue did not appear to affect the company's website. "The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam," Gowda told TechCrunch. He added that exposed email IDs could be added to public breach databases or spam lists, and mass email address scraping could lead to automated bot abuse or scams. TechCrunch verified the exposure after the researcher shared details about the bug. The researcher confirmed to TechCrunch that the issue was fixed earlier this week, which Naukri corroborated on Friday. "All identified enhancements are implemented, ensuring our systems remain updated and resilient," Alok Vij, IT infrastructure head at Naukri's parent company InfoEdge, told TechCrunch over email. "Our teams have not detected any usual activity that affects the integrity of user data." Founded in March 1997, is India's top classified recruitment website, helping connect recruiters, employers, and job seekers. Apart from India, the site exists in the Middle East as "Certain features of our recruiter profiles are designed to be public to enable users to know who has access to their profile(s). We conduct regular audits and security assessments," said Vij. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
24-05-2025
- Yahoo
Naukri exposed recruiter email addresses, researcher says
a popular Indian employment website, has fixed a bug that exposed the email addresses of recruiters using its platform to search and hire talent online. The issue, discovered by security researcher Lohith Gowda, affected the API that Naukri used on its Android and iOS apps. The API exposed the email addresses of recruiters visiting profiles of potential candidates on Naukri's platform. The issue did not appear to affect the company's website. "The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam," Gowda told TechCrunch. He added that exposed email IDs could be added to public breach databases or spam lists, and mass email address scraping could lead to automated bot abuse or scams. TechCrunch verified the exposure after the researcher shared details about the bug. The researcher confirmed to TechCrunch that the issue was fixed earlier this week, which Naukri corroborated on Friday. "All identified enhancements are implemented, ensuring our systems remain updated and resilient," Alok Vij, IT infrastructure head at Naukri's parent company InfoEdge, told TechCrunch over email. "Our teams have not detected any usual activity that affects the integrity of user data." Founded in March 1997, is India's top classified recruitment website, helping connect recruiters, employers, and job seekers. Apart from India, the site exists in the Middle East as "Certain features of our recruiter profiles are designed to be public to enable users to know who has access to their profile(s). We conduct regular audits and security assessments," said Vij.
TechCrunch
24-05-2025
- TechCrunch
Naukri exposed recruiter email addresses, researcher says
a popular Indian employment website, has fixed a bug that exposed the email addresses of recruiters using its platform to search and hire talent online. The issue, discovered by security researcher Lohith Gowda, affected the API that Naukri used on its Android and iOS apps. The API exposed the email addresses of recruiters visiting profiles of potential candidates on Naukri's platform. The issue did not appear to affect the company's website. 'The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam,' Gowda told TechCrunch. He added that exposed email IDs could be added to public breach databases or spam lists, and mass email address scraping could lead to automated bot abuse or scams. TechCrunch verified the exposure after the researcher shared details about the bug. The researcher confirmed to TechCrunch that the issue was fixed earlier this week, which Naukri corroborated on Friday. 'All identified enhancements are implemented, ensuring our systems remain updated and resilient,' Alok Vij, IT infrastructure head at Naukri's parent company InfoEdge, told TechCrunch over email. 'Our teams have not detected any usual activity that affects the integrity of user data.' Founded in March 1997, is India's top classified recruitment website, helping connect recruiters, employers, and job seekers. Apart from India, the site exists in the Middle East as 'Certain features of our recruiter profiles are designed to be public to enable users to know who has access to their profile(s). We conduct regular audits and security assessments,' said Vij.
