Malware creators are using a zero-day exploit to access users' Google accounts via malicious code used to exfiltrate sessions tokens, according to security researchers. The exploit also allows malicious users to regenerate an authentication cookie to log in to a user's account, even after a password change.
No comments:
Post a Comment