Malware groups claimed they can access expired Google OAuth cookies, gaining access to accounts even when the user logs out or changes their password, BleepingComputer reports. Using a Google "MultiLogin" endpoint, hackers claim it can restore expired authentication codes, gaining repeated access to accounts.
Malware groups claim they can steal Google OAuth account data
Related stories
Notes from the IAPP Canada: CPS25 zeroes in on the issues that matter most
A view from DC: An updated NIST Privacy Framework
Handsets, headsets and hyperscreens: Emerging ideas for immersive experiences and the importance of governance by design
Notes from the Asia-Pacific region: India strides ahead on the digital front
New developments in global adequacy capabilities
