😷 Jan Wildeboer on Nostr: #Oops. "Login with Google" can be abused if you buy a domain name that formerly had ...

#Oops. "Login with Google" can be abused if you buy a domain name that formerly had accounts, e.g. from a failed startup.

"At the time of writing, there is no fix."

https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw