Skip to main content

Tag: google api

3 articles

Corporate office setting with laptop on desk and cityscape through window.

ToddyCat APT Exploits OAuth to Breach Gmail via Google API

Meet ToddyCat, a sneaky APT group that's been exploiting OAuth and the Google API to secretly breach corporate Gmail accounts since 2020. Their latest trick involves a cunning malware called Umbrij, which lets them hijack email communications with ease.

Analyst 207
Blurred computer screen at a corporate office workstation in bright daylight.

ToddyCat APT Group Exploits Google API for Email Access

Meet ToddyCat, a sneaky APT group that's taken automation to the next level with its new tool, Umbrij - allowing it to secretly tap into corporate email and cloud resources by exploiting Google API. This stealthy move has helped ToddyCat remain undetected by monitoring systems, leaving organizations vulnerable to attack.

Analyst 207
Dark cityscape with giant cracked smartphone screen hovering above skyscrapers, reflecting eerie glow of computer screens.

Google API Flaw Exposes Android Apps to Gemini AI Vulnerabilities

A recently discovered flaw in Google's API keys is leaving millions of Android apps vulnerable to Gemini AI exploits, potentially exposing private files and racking up unexpected billing charges. This security gap allows mobile apps to quietly tap into the powerful AI, all without users noticing.

Analyst 207