Rosa Perez    https://thehackernews.com/2018/11/mobile-hacking-exploits.html

White hat hackers competition held Nov 13-14 in Tokyo found that Iphone X with IOS 12.1, Samsung Galaxy 9, Xiaomi Mi6 running the latest version of software from popular smartphone manufacturers can be hacked. A team of two researchers, Richard Zhu and Amat Cama, who named themselves Fluoroacetate, discovered and managed to exploit a pair of vulnerabilities in a fully patched Apple Iphone X over WiFi. For their target they chose to retrieve a photo that had recently been deleted from the Iphone. They also hacked in the Samsung Galaxy S9 by exploiting a memory heap overflow vulnerability in the phone's baseband component and obtaining code execution. Xiaomi Mi6 handset via NFC(near-field communications) which is using the touch-to-connect feature, they forced the phone to open the web browser and navigate to their specially crafted webpage. With the highest of 45 points and a total of $215,000 prize money, Fluoroacetate researchers Cama and Zhu earned the title "Master of Pwn, logging five out of six successful demonstrations of exploits against Iphone X, Galaxy S9, & Xiaomi Mi6. The vulnerabilities will be available in 90 days and they will remain open until the affected vendors issue security patches to address them.
 

Google says a bug in an API for its Google+ social networking service exposed personal details for about 500,000 accounts, but it believes the data wasn't misused. Google patched the bug in March but chose to not publicly disclose the problem, based on a recommendation made by its privacy and data protection office. Google's decision to not disclose the data leak is likely to raise eyebrows because technology companies have faced increasing pressure and regulatory scrutiny over their data handling and privacy practices.
https://www.bankinfosecurity.com/google-forced-to-reveal-exposure-private-data-a-11587