A malware developer was recently able to discover one of Google's OAuth secrets, a previously unknown feature named "MultiLogin" that is responsible for synchronizing Google accounts across different services. MultiLogin accepts a vector of account ID and auth-login tokens, using such data for managing simultaneous sessions or seamlessly switching between...
Read Entire Article
https://www.techspot.com/news/101404-google-oauth-secrets-exposed-account-hijacking-multilogin-vulnerability.html?utm_source=dlvr.it&utm_medium=blogger
Read Entire Article
https://www.techspot.com/news/101404-google-oauth-secrets-exposed-account-hijacking-multilogin-vulnerability.html?utm_source=dlvr.it&utm_medium=blogger