Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset

Jan 3, 2024

Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset.
According to CloudSEK, the critical exploit facilitates session persistence and cookie generation, enabling threat actors to maintain access to a valid session in an

Get Free Report & Network Analysis

Please check your email for the free report.