GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
21 April 2023
Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim's Google account.
Israeli cybersecurity startup Astrix Security, which discovered and reported the issue to Google on June 19, 2022, dubbed the shortcoming GhostToken.
The issue