OAuth Vulnerability Risks
-
Malware Exploits Google Multiple Sign-On Vulnerability to Maintain Access After Password Reset
The information-stealing malware is actively utilizing an unspecified Google OAuth endpoint called MultiLogin to hijack user sessions and allow users to continue accessing Google services even after resetting their passwords.