ijeffM to [email protected]English • 6 months agoMalware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accountswww.bleepingcomputer.comexternal-linkmessage-square4fedilinkarrow-up1100arrow-down12cross-posted to: [email protected]
arrow-up198arrow-down1external-linkMalware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accountswww.bleepingcomputer.comijeffM to [email protected]English • 6 months agomessage-square4fedilinkcross-posted to: [email protected]
minus-square@epyon22linkEnglish4•6 months agoIt’s based on security hole in what I’m interpreting as a web API. You leverage a legitimatly logged in Google account on a malicious website and this web endpoint gives you keys to everything else
It’s based on security hole in what I’m interpreting as a web API. You leverage a legitimatly logged in Google account on a malicious website and this web endpoint gives you keys to everything else