ijeff@lemdro.idM to Android@lemdro.idEnglish · 1 year agoMalware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accountswww.bleepingcomputer.comexternal-linkmessage-square4fedilinkarrow-up199arrow-down13
arrow-up196arrow-down1external-linkMalware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accountswww.bleepingcomputer.comijeff@lemdro.idM to Android@lemdro.idEnglish · 1 year agomessage-square4fedilink
minus-squareepyon22@programming.devlinkfedilinkEnglisharrow-up4·1 year agoIt’s based on security hole in what I’m interpreting as a web API. You leverage a legitimatly logged in Google account on a malicious website and this web endpoint gives you keys to everything else
It’s based on security hole in what I’m interpreting as a web API. You leverage a legitimatly logged in Google account on a malicious website and this web endpoint gives you keys to everything else