all InfoSec news
Researchers: hackers are abusing Google OAuth endpoint "MultiLogin" to restore expired authentication cookies and log into accounts even after a password reset (Bill Toulas/BleepingComputer)
Techmeme www.techmeme.com
Bill Toulas / BleepingComputer:
Researchers: hackers are abusing Google OAuth endpoint “MultiLogin” to restore expired authentication cookies and log into accounts even after a password reset — Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named “MultiLogin” …
abusing accounts authentication authentication cookies bill bleepingcomputer cookies endpoint expired families google hackers information log malware oauth password password reset researchers reset restore stealing undocumented