BleepingComputer reports that expired authentication cookies are being revived for account access by numerous information-stealing malware strains by leveraging the newly discovered MultiLogin Google OAuth endpoint.
Article Link: Google OAuth endpoint exploited by various malware | SC Media