GhostToken GCP flaw let attackers backdoor Google accounts

April 21, 2023, 5:50 p.m. | Sergiu Gatlan

BleepingComputer www.bleepingcomputer.com

Google has addressed a Cloud Platform (GCP) security vulnerability impacting all users and allowing attackers to backdoor their accounts using malicious OAuth applications installed from the Google Marketplace or third-party providers. [...]

accounts applications attackers backdoor cloud cloud platform flaw gcp google google accounts malicious malicious oauth applications marketplace oauth party platform security security vulnerability third third-party vulnerability

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

Apple blocked $7 billion in fraudulent App Store purchases in 4 years 33 minutes ago | www.bleepingcomputer.com

analysis app apple blocked +12

Windows Quick Assist abused in Black Basta ransomware attacks an hour ago | www.bleepingcomputer.com

abuse attacks basta black basta +15

FBI seize BreachForums hacking forum used to leak stolen data 3 hours ago | www.bleepingcomputer.com

breachforums corporate corporate data cybercriminals +10

Banco Santander warns of a data breach exposing customer info 4 hours ago | www.bleepingcomputer.com

actor breach customer customers +12

Tornado Cash cryptomixer dev gets 64 months for laundering $2 billion 5 hours ago | www.bleepingcomputer.com

cash cryptocurrency dev developers +8

PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers 20 hours ago | www.bleepingcomputer.com

access attackers command device +14

Microsoft fixes VPN failures caused by April Windows updates 22 hours ago | www.bleepingcomputer.com

april breaking client connections +14

Singing River Health System: Data of 895,000 stolen in ransomware attack 22 hours ago | www.bleepingcomputer.com

attack august data health +10

VMware makes Workstation Pro and Fusion Pro free for personal use 22 hours ago | www.bleepingcomputer.com

cost free fusion home +12

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Senior Director, Risk Compliance & Trust (GRC)

@ Snyk | Boston, London

View on infosec-jobs.com

Working Student (f/m/d) - Security Architecture Project Management & Communications

@ SAP | Walldorf, DE, 69190

View on infosec-jobs.com

Werkstudent Cyber Security (w/m/x)

@ BMW Group | München, DE

View on infosec-jobs.com

all InfoSec news

GhostToken GCP flaw let attackers backdoor Google accounts

More from www.bleepingcomputer.com / BleepingComputer

Jobs in InfoSec / Cybersecurity

Information Security Engineers

Technology Security Analyst

Senior Cyber Security Analyst

Senior Director, Risk Compliance & Trust (GRC)

Working Student (f/m/d) - Security Architecture Project Management & Communications

Werkstudent Cyber Security (w/m/x)