Google Cloud Platform Flaw 'GhostToken' Offers Ghost Entry to Attackers

Google patched a security hole dubbed GhostToken that affects all the users of Google Cloud Platform (GCP). This flaw enables attackers to gain access to user accounts through the installation of malicious OAuth applications obtained from either the Google Marketplace or third-party providers. Criminals can hide malicious apps by abusing this flaw.