Advanced Security For Advanced Threats
Actively exploiting an undocumented Google OAuth endpoint named MultiLogin, information-stealing malware is seizing control of user sessions, enabling sustained access to Google services even post a password reset.
As per CloudSEK, this significant exploit facilitates session persistence and cookie generation, allowing threat actors to maintain unauthorised access through a valid session.