Google Acknowledges Discovery of Session Token Malware with Account Hijacking Capabilities: Report
The zero-day exploit enables malicious users to regenerate an authentication cookie, providing unauthorized access to a user’s account even after a password change.