Google OAuth vulnerability exploited in advanced phishing attack

BleepingComputer reports that Google was discovered by Ethereum Name Service lead developer Nick Johnson to have had an OAuth vulnerability leveraged to facilitate the delivery of a bogus email purporting to be a security alert from the company with a valid DomainKeys Identified Mail authentication key as part of a DKIM replay phishing intrusion.

Introduction to Malware Binary Triage (IMBT) Course

Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor.

Enroll Now and Save 10%: Coupon Code MWNEWS10

Note: Affiliate link – your enrollment helps support this platform at no extra cost to you.

Article Link: https://www.scworld.com/brief/google-oauth-vulnerability-exploited-in-advanced-phishing-attack