A critical exploit affecting Google services that allows threat actors to generate Google cookies continuously has been revealed by CloudSEK’s threat research team. The exploit enables continuous access to Google services even after a password reset. The exploit involves the MultiLogin endpoint, a part of Google’s user authentication process. Infostealer malware Lumma is among the malicious entities utilising the exploit via advanced tactics like token manipulation and encryption.
GuidePoint warns of Python backdoor used in ransomware
GuidePoint Security identified a threat actor using a Python-based backdoor to maintain persistent access to breached endpoints and deploy RansomHub encryptors across compromised networks. The backdoor was