all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Misconfigurations in Google Firebase lead to over 19.8 million leaked secrets

Add to bookmarks
April 2, 2024, 2:41 p.m. | Dwayne McDaniel

DEV Community dev.to

On March 19th, news broke that researchers uncovered more than 19.8 million plaintext credentials publicly exposed through instances of Google's Firebase. Firebase is a popular app development platform used by over 3 million developers worldwide and nearly 4,000 enterprises.


In mid March, three security researchers, mrbruhxyzeva and logykk, discovered the secrets while checking more than 5 million websites for security flaws. This was a follow-up to previous research, in which they were able to gain "superadmin" …

app app development credentials developers development enterprises exposed firebase google google firebase leaked leaked secrets march misconfigurations passwords plaintext platform popular researchers secrets security security researchers uncovered

Visit resource

More from dev.to / DEV Community

📌 AWS Under the Hood - Day 10 - How to Revoke Temporary IAM Credentials … 50 minutes ago | dev.to
access aws credentials devops +11
Penetration Testing Tools an hour ago | dev.to
assets attack challenge cyber +25
Software Hardening Tools for System Defense 2 hours ago | dev.to
0patch agent aurora budget +16
Day 0: JavaScript 3 hours ago | dev.to
block building call corporate +17
Congrats to the Coze AI Bot Challenge Winners! 8 hours ago | dev.to
ai articles bot bots +15
Single-byte XOR cipher 9 hours ago | dev.to
100daystooffload challenge cipher crypto +15
Embracing Innovation: Best Practices for Adopting PHP 8.3 10 hours ago | dev.to
best practices development everything evolution +17
Optimizing Performance Using Prometheus with Node JS for Monitoring 12 hours ago | dev.to
application application monitoring application performance application performance monitoring +18
Securing Self-Hosted Services with CF Tunnel Gate 14 hours ago | dev.to
bot called hosting malicious +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Security Engineer

@ Gainwell Technologies | Any city, OR, US, 99999
View on infosec-jobs.com

Federal Workday Security Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Workplace Consultant

@ Solvinity | Den Bosch, Noord-Brabant, Nederland
View on infosec-jobs.com

SrMgr-Global Information Security - Security Risk Management

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Sr. Security Engineer - Data Loss Prevention

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com
View more jobs