A security researcher has discovered a vulnerability in Google s Waze app that can allow hackers to identify people using the navigation app and track them by their location. Security DevOps engineer Peter Gasper discovered an API flaw in the navigation software that allowed him to track the specific movements of nearby drivers in real time and even identify exactly who they are. Google said it already has patched the flaw and rewarded a bug bounty of $1,337 from Google’s Vulnerability Reward Program in January 2020.
Source: https://threatpost.com/googles-waze-track-users/160332/