Hackers discover way to access Google accounts without a password::‘Exploit enables continuous access to Google services, even after a user’s password is reset,’ researcher warns

  • /home/pineapplelover
    link
    fedilink
    English
    611 months ago

    I thought session hijacking could only be done with 1st party cookies from google itself. I didn’t know you could session hijack with 3rd party cookies. That’s pretty interesting.

    • @hperrin@lemmy.world
      link
      fedilink
      English
      1411 months ago

      The article mentions third party cookies, but it’s talking about hackers stealing first party cookies (specifically authentication cookies).