Two five-alarm security flaws in a well-known Google data service have been found by researchers; either of these flaws could give hackers access to private information that could be used for widespread lateral movement This article explores enterprise looker isn. . Looker is a powerful business intelligence and data analytics platform; it should not be confused with the more basic Looker Studio.
In essence, it's a dashboard for data modeling, visualization, and other tasks. More than 60,000 businesses, including well-known brands like Wayfair, Coinbase, and Walmart, use it, according to data aggregator TheirStack. "In a typical enterprise, Looker isn't just a dashboard — it is the central nervous system for data," says Tenable senior research engineer Liv Matan.
In order to get around this, they set off a race condition, which allowed them to sneak their malicious overwrite between when Looker reset the configuration file to a safe state and when hooks needed to be run. After a few attempts, this worked. Related: OpenClaw AI Goes Crazy in Corporate Settings ## The Patching Challenge Searcher Shortly after Tenable first brought attention to the two problems in Looker, Google resolved them.
On-premises deployments will require manual updates to one of the versions identified as secure in Google's security bulletin GCP-2025-052. It won't be easy to do so.
.webp%3Fw%3D1068%26resize%3D1068%2C0%26ssl%3D1&w=3840&q=75)