Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named « MultiLogin » to restore expired authentication cookies and log into users’ accounts, even if an account’s password was reset. […]
Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named « MultiLogin » to restore expired authentication cookies and log into users’ accounts, even if an account’s password was reset. […]
