Bleeping Computer

Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts

Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "MultiLogin" to restore expired authentication cookies and log into users' accounts, even if an ...
The Daily Dot

A Gmail update is coming. Here’s what you need to know so you don’t lose your account

If you’re still relying on text message codes to log into Gmail, it might be time for an upgrade. Google is now encouraging users to stop using SMS-based two-factor authentication (2FA) and switch to ...
Bleeping Computer

Google: Malware abusing API is standard token theft, not an API issue

Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired. In late November 2023, ...
来自MSN

Gmail is finally getting rid of SMS security codes to protect your security

Google plans to replace SMS verification with QR codes due to phishing risks and security vulnerabilities exploited by scammers. QR codes will eliminate the need to enter security codes when accessing ...