Not at all surprisingly, what is known is very little as the specific detail of each vulnerability is not being disclosed at this time. Anyway, with that very short rant over, here's what is known about security flaws those hackers, the security researchers external to Google, were able to find. So, let's stop calling those people who break the law hackers and instead use the correct terminology: criminals. If you ever needed confirmation that hacking is not a crime, these bug bounty hackers provide it.