LTT found out the hard way, their attacker had a session token for an employee a... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

newZWhoDis on Dec 31, 2023 | parent | context | favorite | on: Malware abuses Google OAuth endpoint to 'revive' c...

LTT found out the hard way, their attacker had a session token for an employee and changing everyone’s passwords didn’t lock the attacker out.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact