Malware groups claimed they can access expired Google OAuth cookies, gaining access to accounts even when the user logs out or changes their password, BleepingComputer reports. Using a Google "MultiLogin" endpoint, hackers claim it can restore expired authentication codes, gaining repeated access to accounts.
Malware groups claim they can steal Google OAuth account data
Related stories
Emerging trends, insights from public enforcement of US state privacy laws
Notes from the IAPP Canada: Building momentum to address youth privacy issues
How proposed AI enforcement moratorium cuts into US state-level powers
Notes from the Asia-Pacific region: Chinese regulators strengthen AI, data protection governance
Notes from the IAPP Europe: Data protection and AI in focus