Naukri exposed recruiter email addresses, researcher says

Naukri.com, a popular Indian employment website, has fixed a bug that exposed the email addresses of recruiters using its platform to search and hire talent online.
The issue, discovered by security researcher Lohith Gowda, affected the API that Naukri used on its Android and iOS apps. The API exposed the email addresses of recruiters visiting profiles of potential candidates on Naukri's platform. The issue did not appear to affect the company's website.
"The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam," Gowda told TechCrunch.
He added that exposed email IDs could be added to public breach databases or spam lists, and mass email address scraping could lead to automated bot abuse or scams.
TechCrunch verified the exposure after the researcher shared details about the bug. The researcher confirmed to TechCrunch that the issue was fixed earlier this week, which Naukri corroborated on Friday.
"All identified enhancements are implemented, ensuring our systems remain updated and resilient," Alok Vij, IT infrastructure head at Naukri's parent company InfoEdge, told TechCrunch over email. "Our teams have not detected any usual activity that affects the integrity of user data."
Founded in March 1997, Naukri.com is India's top classified recruitment website, helping connect recruiters, employers, and job seekers. Apart from India, the site exists in the Middle East as Naukrigulf.com.
"Certain features of our recruiter profiles are designed to be public to enable users to know who has access to their profile(s). We conduct regular audits and security assessments," said Vij.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Yahoo

an hour ago

• Yahoo

Why You Should Never Click Old Discord Invite Links

If you've received an invite link to Discord but never used it to join that specific server, don't click through it weeks or months later. As Bleeping Computer reports, hackers have repurposed Discord invite links that have expired or been deleted to deliver malware, including infostealers and keyloggers. How Discord links are spreading malware The malware campaign, identified by Check Point Research, capitalizes on a flaw in how Discord handles invite links, which can be temporary or permanent or, for paid servers with Level 3 Boost status, customized. URLs to join regular Discord servers are randomly generated and unlikely to ever repeat, but vanity links—as well as expired temporary invite links and deleted permanent invite links—can be claimed and reused. Discord also allows invite codes with uppercase letters to be recycled in vanity links with lowercase letters while the original is still active. This means that hackers can redirect users to malicious servers via links originating from legitimate Discord communities. These links are being shared on social media and official community websites. When a user clicks the stolen link, they land on a Discord server that looks authentic and prompts them to verify their identity to unlock access. The verification link launches a ClickFix web page, which indicates that a (fake) CAPTCHA has failed to load and directs the user to "verify" by manually running a Windows command. This executes a PowerShell script, which downloads and installs the malware. The payload itself may include malicious programs—like AsynchRAT, Skuld Stealer, and ChromeKatz—that allow keylogging, webcam or microphone access, and infostealing to harvest browser credentials, cookies, passwords, Discord tokens, and/or crypto wallet data. According to Check Point's analysis, the malware has numerous features that allow it to evade detection by antivirus tools. The report also notes that while Discord took action to mitigate this specific campaign, the risk of similar bots or alternative delivery methods still exists. How to avoid malicious Discord links First and foremost, be wary of old Discord invite links, especially those posted on social media or forums weeks or months back. (Temporary invite URLs on Discord can be set to expire within 30 minutes or up to a default of seven days.) Don't click links from users you don't know and trust, and request a new invite rather than relying on an old one. You should use caution when engaging with verification requests, especially those that prompt you to copy and run manual commands on your device. ClickFix attacks via fake CAPTCHA requests abound, and any verification that tells you to execute a Run command is not legit. If you run a Discord server, use permanent invite links, which are harder to steal and repurpose than temporary or custom URLs.

Gizmodo

an hour ago

• Gizmodo

Tesla Might Have a Fix for the Elon Musk Problem

Tesla is having a nightmarish year, and much of the damage can be traced directly to its CEO, Elon Musk. After spending nearly $290 million to help Donald Trump return to the White House, Musk took on a tailor-made role in the administration, heading the new Department of Government Efficiency (DOGE). His push to slash federal agencies and cut social programs, combined with his embrace of controversial theories, sparked global protests outside Tesla showrooms. The company's liberal customer base, once its greatest asset, felt alienated, with many owners publicly regretting their purchases. The backlash has been brutal. In the first quarter, Tesla's global sales fell 13%, and its net income plummeted a staggering 71% to $409 million compared to the previous year. The company's stock is down over 20% since January. With early data suggesting the slide isn't stopping, the reputational damage looks deep and lasting, even after Musk's spectacular falling out with the president and departure from the administration. But Tesla may have an escape plan. According to a new report from Bloomberg, the automaker is turning its sights to India. The company is preparing to open its first showroom in Mumbai by mid-July, with another planned for New Delhi shortly after. A first shipment of Chinese-made vehicles, primarily the best-selling Model Y SUV, has already been sent to the country. This move isn't just about expansion; it's a strategic pivot toward the third-largest auto market in the world, a market that could potentially offset cratering demand in Europe and stiffening competition from Chinese rival BYD. For years, Tesla's attempts to enter India have failed, snagged by disagreements over local manufacturing requirements and pricing. The breakthrough appears to have come in February, after Musk met with Indian Prime Minister Narendra Modi during his state visit to Washington. The two leaders spoke again by phone in April. 'Spoke to @elonmusk and talked about various issues,' Modi posted on X. 'We discussed the immense potential for collaboration in the areas of technology and innovation.' Spoke to @elonmusk and talked about various issues, including the topics we covered during our meeting in Washington DC earlier this year. We discussed the immense potential for collaboration in the areas of technology and innovation. India remains committed to advancing our… — Narendra Modi (@narendramodi) April 18, 2025Musk responded enthusiastically, saying, 'I am looking forward to visiting India later this year!' It was an honor to speak with PM Modi. I am looking forward to visiting India later this year! — Elon Musk (@elonmusk) April 19, 2025For a company desperately needing to change the narrative, this pivot to a massive, untapped market could be the lifeline it needs. The question is whether a new chapter in India can be enough to fix the damage done at home. Tesla did not immediately respond to Gizmodo's request for comment.

Yahoo

2 hours ago

• Yahoo

Tesla (NasdaqGS:TSLA) Set To Enter Indian Market With First Showrooms In July

Tesla is set to make a significant shift, entering the Indian market in July 2025 with new showrooms. This expansion comes at a time when the company's stock price rose by 30% over the last quarter, amid flat market performance in the past week and a 10% rise over the past year. The entry into India is aimed at countering declining sales in Europe and China, which could have influenced investor sentiment. Despite challenges such as a recent lawsuit and executive changes, this regional expansion might add weight to the broader market uptrend. Tesla has 2 risks we think you should know about. The best AI stocks today may lie beyond giants like Nvidia and Microsoft. Find the next big opportunity with these 27 smaller AI-focused companies with strong growth potential through early-stage innovation in machine learning, automation, and data intelligence that could fund your retirement. The recent announcement of Tesla's expansion into the Indian market is a significant development that could influence its broader growth narrative. Despite facing challenges in other regions, this move may provide a new revenue stream, potentially mitigating some of the pressures from decreasing sales in Europe and China. Over the past five years, Tesla's shares have seen a very large total return of 403.51%, illustrating substantial long-term growth. When comparing to the previous year, Tesla's share return also surpassed the market, which returned 10%, and the US Auto industry, which posted a 60.9% gain over the past year. This suggests persistent investor confidence in Tesla, supporting its trajectory even amid short-term volatility. The strategic entry into a new market such as India might bolster revenue and earnings forecasts, as analysts anticipate a 16.6% annual revenue growth over the next three years. However, potential risks including geopolitical uncertainties and leadership changes could impact execution. With Tesla's current share price at US$275.35, it is trading close to the analyst consensus price target of US$289.44, suggesting a modest upside of 4.9%. This share price movement reflects mixed sentiments among investors regarding the balance of growth potential and inherent risks. Tesla's diverse initiatives, ranging from autonomous vehicles to energy solutions, underline its pursuit of long-term profitability, suggesting a complex interplay of factors influencing its market position. Gain insights into Tesla's outlook and expected performance with our report on the company's earnings estimates. This article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned. Companies discussed in this article include NasdaqGS:TSLA. This article was originally published by Simply Wall St. Have feedback on this article? Concerned about the content? with us directly. Alternatively, email editorial-team@ Connectez-vous pour accéder à votre portefeuille