Bleeping Computer

Threat actors abuse Google Apps Script in evasive phishing attacks

Threat actors are abusing the ‘Google Apps Script’ development platform to host phishing pages that appear legitimate and steal login credentials. This new trend was spotted by security researchers at ...
TechRadar

Google Apps Script abused to launch dangerous phishing attacks

Hackers are hosting fake invoices on Google Apps Script, experts warn The invoices are sent via email Victims are redirected to a fake Microsoft 365 login page Threat actors have been seen abusing ...
CSOonline

Warning: Threat actors now abusing Google Apps Script in phishing attacks

Threat actors have discovered a way to abuse Google Apps Scripts to sneak links to malicious websites past phishing defenses. According to new research from Cofense, a new attack has been discovered ...
Nairametrics

Google Play apps with 38 million downloads linked to massive ad fraud scheme

Security researchers have discovered one of the largest mobile ad fraud schemes in recent years, involving 224 apps on the ...
Cybernews

Android apps with millions of downloads stealing ad money right under Google’s nose

A massive ad fraud scheme, dubbed SlopAds, exploited 224 Android apps to generate billions of fake ad views and steal money from advertisers.
Ars Technica

Startup necromancy: Dead Google Apps domains can be compromised by new owners

Lots of startups use Google's productivity suite, known as Workspace, to handle email, documents, and other back-office matters. Relatedly, lots of business-minded webapps use Google's OAuth, i.e.