https://www.bleepingcomputer.com/news/security/google-malware-abusing-api-is-standard-token-theft-not-an-api-issue/

Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired.

In late November 2023, BleepingComputer reported on two information-stealing malware operations named Lumma and Rhadamanthys, claiming they could restore expired Google authentication cookies stolen in attacks.