{"id":58170,"date":"2025-02-17T05:56:23","date_gmt":"2025-02-17T05:56:23","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/"},"modified":"2025-02-17T05:56:23","modified_gmt":"2025-02-17T05:56:23","slug":"twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/","title":{"rendered":"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps"},"content":{"rendered":"<p><span class=\"label\">Infosec In Brief<\/span> A security researcher has found that Google could leak the email addresses of YouTube channels, which wasn\u2019t good because the search and ads giant promised not to do that.<\/p>\n<p>A security researcher who goes by Brutecat last week <a href=\"https:\/\/brutecat.com\/articles\/leaking-youtube-emails#timeline\" rel=\"nofollow\">explained<\/a> he found two vulnerabilities that, when chained, make it possible to sniff out the email addresses, despite Google\u2019s promises of privacy.<\/p>\n<p>It all started when Brutecat was digging through Google&#8217;s People API and found out that a function that allows blocking a YouTube user relied on an obfuscated \u201cGaia\u201d ID. Gaia is the ID management system for all Google products. Brutecat pointed out that, per a Google support page, blocking someone on YouTube extends to other Google services, meaning it&#8217;s their Gaia ID that&#8217;s blocked, not their YouTube account.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;In the past, there&#8217;s been several bugs to resolve [Gaia IDs] to an email address, so I was confident there was still a Gaia ID to Email in some old obscure Google product,&#8221; Brutecat wrote.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>The researcher was right: he found just such a link in the web version of Pixel Recorder, a <a href=\"https:\/\/recorder.google.com\/\" rel=\"nofollow\">audio recording app for Google Pixel devices<\/a> .<\/p>\n<p>By sharing a recording from the web version of Pixel Recorder to a Gaia ID and examining the web request, the target&#8217;s email was exposed. Normally, this action would trigger a share notification to the target, but Brutecat bypassed it by running a Python script that assigned an extremely long filename (about 2.5 million characters), causing the notification to fail.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Brutecat submitted the matter for a Google bug bounty, and at first was told it was worth $3,133. After some additional thinking on the matter, Google decided it had a high likelihood of exploitation, and awarded an additional $7,500.<\/p>\n<p>Google fixed the flaws that made this possible.<\/p>\n<div class=\"boxout\" readability=\"18.221547799697\">\n<h3 class=\"crosshead\">Critical vuln of the week: FortiOS follies<\/h3>\n<p>Last week\u2019s <a href=\"https:\/\/www.theregister.com\/2025\/02\/12\/patch_tuesday_february_2025\/\">Patch Tuesday<\/a> means most nasty bugs have already been revealed, so the worst of the rest is a CVSS 8.0 vulnerability in Fortinet&#8217;s FortiOS (<a href=\"https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-24-302\" rel=\"nofollow\">CVE-2024-40591<\/a>) spotted by one of the firm&#8217;s own employees. This flaw allows an authenticated administrator with Security Fabric permissions to escalate their privileges to super-admin.<\/p>\n<p>According to Fortinet, the exploitation requires connecting the targeted FortiGate system to a another FortiGate controlled by the attacker.<\/p>\n<p>While successful exploitation requires specific conditions, this one looks a strong candidate for attention in your next change window.<\/p>\n<\/div>\n<h3 class=\"crosshead\">Release the data, Kraken, says Cisco; See if we care<\/h3>\n<p>The Kraken ransomware gang last week <a href=\"https:\/\/cyberpress.org\/cisco-data-breach-2\/\" rel=\"nofollow\">claimed<\/a> to have hit Cisco, reportedly leaking a bundle of sensitive data, including privileged administrator account credentials, Switchzilla\u2019s Kerberos ticket system, and more.<\/p>\n<p>The networking giant said the leak is nothing to panic about.<\/p>\n<p>&#8220;Cisco is aware of certain reports regarding a security incident,&#8221; a company spokesperson <em>The Register<\/em>. &#8220;The incident referenced in the reports occurred back in May 2022, and we fully addressed it at that time.&#8221;<\/p>\n<h3 class=\"crosshead\">DOGE geniuses build wonky website<\/h3>\n<p>Elon Musk&#8217;s <a href=\"https:\/\/www.theregister.com\/2025\/02\/10\/doge_infosec_impact_court_order\/\">code crusaders<\/a> in the Department of Government Efficiency (DOGE) hastily spun up a website last week after Musk <a href=\"https:\/\/abcnews.go.com\/Politics\/elon-musk-faces-1st-questions-doges-transparency-joins\/story?id=118705771\" rel=\"nofollow\">claimed<\/a> his team was being transparent.<\/p>\n<p>It&#8217;s not a great site.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Questionable design choices aside, <a href=\"http:\/\/doge.gov\" rel=\"nofollow\">doge.gov<\/a> appears to have just been built using the Cloudflare Pages webpage building platform connected to a database that, <a href=\"https:\/\/www.404media.co\/anyone-can-push-updates-to-the-doge-gov-website-2\/\" rel=\"nofollow\">according<\/a> to a pair of web developers who talked to 404 Media, anyone can write and see their changes appear on the website.<\/p>\n<p>By examining the API endpoints of the database, one of the developers was able to post changes to the site mocking the expertise of its builders and disparaging its design. Both said that it appeared the site wasn&#8217;t even running on government servers and was instead hosted by Cloudflare.<\/p>\n<h3 class=\"crosshead\">Zacks attack: Data on 12M users posted online<\/h3>\n<p>Customers of Zacks Investment Research, take note: If you were a customer prior to June, 2024, there&#8217;s a good possibility your data is now available online.<\/p>\n<p>Have I Been Pwned <a href=\"https:\/\/haveibeenpwned.com\/PwnedWebsites#Zacks2024\" rel=\"nofollow\">added<\/a> Zacks to its listing &#8211; for the <a href=\"https:\/\/haveibeenpwned.com\/PwnedWebsites#Zacks\" rel=\"nofollow\">second<\/a> time in recent years &#8211; this week after an attacker published 12 million unique email addresses worth of information on a hacking forum. Along with the email accounts, the leak included IP and physical addresses, names, usernames, phone numbers, and unsalted SHA-256 password hashes. The breach in which the data was stolen reportedly took place in June, 2024.<\/p>\n<p>The threat actor <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hacker-leaks-account-data-of-12-million-zacks-investment-users\/\" rel=\"nofollow\">reportedly<\/a> gained access to Zacks&#8217; files via an Active Directory administrator account and used it to steal source code from a number of sites owned by the company.<\/p>\n<p>Zacks hasn&#8217;t confirmed the incident to anyone who has asked, but suffice it to say, it&#8217;s probably not a bad idea to change your password if you&#8217;re a Zacks customer.<\/p>\n<h3 class=\"crosshead\">FBI pats itself on back for stopping cryptocurrency scams<\/h3>\n<p>The FBI last week claimed a year-long operation has seen it prevent over 4,300 folk across the US from falling prey to cryptocurrency investment scams, saving them more than $285 million.<\/p>\n<p>Seventy-six percent of the crypto scam victims that \u201cOperation Level Up\u201d <a href=\"https:\/\/www.fbi.gov\/news\/press-releases\/fbi-takes-action-to-protect-your-hard-earned-money\" rel=\"nofollow\">intervened<\/a> to rescue were unaware they were being ripped off, the FBI said last week. The scams its working to stop frequently involve &#8220;unsolicited online contact, a long period of trust building, fake investment opportunities, and a false sense of urgency,&#8221; the bureau explained.<\/p>\n<p>That\u2019s the way <a href=\"https:\/\/www.theregister.com\/2024\/12\/17\/interpol_stop_saying_pig_butchering\/\">pig butchering<\/a> schemes<\/p>\n<p>operate.<\/p>\n<p>The FBI won&#8217;t say how it identified potential victims, only mentioning the use of &#8220;sophisticated techniques&#8221; that are able to identify people &#8220;actively being defrauded.\u201d. Once the investigators contact a fraud target, they reportedly educate them about how such scams work in the hope they won\u2019t be fooled again.<\/p>\n<p>&#8220;Unfortunately, we continue to see these scams grow and evolve every day,&#8221; said FBI CID assistant director Chat Yarbrough. &#8220;It doesn&#8217;t matter where the subjects are\u2014we will use every tool at our disposal to stop them from targeting U.S. citizens.&#8221; \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2025\/02\/17\/infosec_news_in_brief\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>PLUS: DOGE web design disappoints; FBI stops crypto scams; Zacks attacked again; and more! Infosec In Brief\u00a0 A security researcher has found that Google could leak the email addresses of YouTube channels, which wasn\u2019t good because the search and ads giant promised not to do that.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-58170","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-17T05:56:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps\",\"datePublished\":\"2025-02-17T05:56:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/\"},\"wordCount\":1002,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/\",\"name\":\"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2025-02-17T05:56:23+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/","og_locale":"en_US","og_type":"article","og_title":"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2025-02-17T05:56:23+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps","datePublished":"2025-02-17T05:56:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/"},"wordCount":1002,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/","url":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/","name":"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2025-02-17T05:56:23+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Z7PzmPtTamomjDwnuQR8ZAAAAcU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/twin-google-flaws-allowed-researcher-to-get-from-youtube-id-to-gmail-address-in-a-few-easy-steps\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/58170","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=58170"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/58170\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=58170"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=58170"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=58170"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}