Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim’s Google account.
Israeli cybersecurity startup Astrix Security, which discovered and reported the issue to Google on June 19, 2022, dubbed the shortcoming GhostToken.
The issue
This article has been indexed from The Hacker News
Read the original article: