10Oca
Does the New Google Session Hijacking Technique Require Access to my Computer
There is a new article explaining the details of the new Google OAuth2 exploit where a Google session can be restored using a Chrome token. But what I can't seem to find on Google or in the article itself is...
Am I correct in understanding that a malicious actor would need either access to my computer and Chrome profile (local cookies) in order to implement this exploit?