GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform


Security experts have revealed information about a Google Cloud Platform (GCP) zero-day vulnerability that has since been patched that may have allowed threat actors to hide an irremovable, malicious application inside of a victim’s Google account.

The flaw, dubbed GhostToken by Israeli cybersecurity outfit Astrix Security, affects all Google accounts, including Workspace accounts that are geared towards businesses. On June 19, 2022, it was found and reported to Google. On April 7, 2023, the business released a universal patch more than nine months later.

Read More…