Hackers discover way to access Google accounts without a password::‘Exploit enables continuous access to Google services, even after a user’s password is reset,’ researcher warns

  • /home/pineapplelover@lemm.ee
    link
    fedilink
    English
    arrow-up
    5
    ·
    11 months ago

    I thought session hijacking could only be done with 1st party cookies from google itself. I didn’t know you could session hijack with 3rd party cookies. That’s pretty interesting.

    • hperrin@lemmy.world
      link
      fedilink
      English
      arrow-up
      13
      ·
      11 months ago

      The article mentions third party cookies, but it’s talking about hackers stealing first party cookies (specifically authentication cookies).