One captured 6-digit PIN is now all it takes for a phishing attacker to walk away with a victim’s entire Google Password Manager (GPM) vault. Dubbed “Vaultjacking” by researchers at PhishU, this newly documented Adversary-in-the-Middle (AiTM) technique bypasses per-site passkey protections by targeting the underlying synchronization layer. By stealing a user’s GPM PIN during a […]
The post Researchers Warn VaultJacking Can Expose Entire Google Password Vault appeared first on Cyber Security News.