New Google Workspace Security Update Blocks Token Stealing Attacks
Cybersecurity threats are evolving, and Google Workspace is stepping up with a powerful new security feature aimed at stopping one of the fastest-growing types of cyberattacks: cookie theft. The update introduces Device Bound Session Credentials (DBSC), a protection that binds your session cookies directly to your device. If you've ever wondered how hackers manage to bypass two-factor authentication, the answer often lies in stolen tokens—DBSC is Google's latest response to that rising threat.
What Are Token Stealing Attacks and Why Do They Matter?
Token stealing attacks—especially those involving session cookies—let hackers bypass traditional login protections by mimicking your logged-in state on another device. This method recently made headlines when Linus Tech Tips and other YouTube channels were compromised using malware disguised as fake brand offers. These malware strains exfiltrate cookies, giving attackers access to accounts even after users have logged in securely. DBSC tackles this issue by tying the session token to the original login device, rendering the stolen cookie useless elsewhere.
How Google Workspace Is Preventing Cookie Theft
The Google Workspace security update uses DBSC to make session hijacking significantly harder. Once enabled, session credentials won’t work if moved to another system—shutting down the attack vector commonly exploited by info-stealing malware. Currently in beta for Chrome on Windows, DBSC is expected to expand to more platforms soon. Google also notes that tools like Okta and browsers like Microsoft Edge have shown interest in supporting the feature, showing promise for broader industry adoption.
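The device-binding idea described above, as an added example that is not Google's DBSC code: a simplified Node.js model in which the server renews a short-lived session cookie only when the browser signs a fresh challenge with a private key that stays on the login device. All function names and the in-memory session store are hypothetical, and the software key pair stands in for a hardware-backed key.

```javascript
// Added illustration: simplified model of a device-bound session (not Google's code).
const crypto = require('node:crypto');
const sessions = new Map(); // sessionId -> { publicKey, challenge } (hypothetical store)

// Login: the browser creates a key pair and sends only the public key.
function registerSession(publicKeyPem) {
  const id = crypto.randomUUID();
  sessions.set(id, { publicKey: publicKeyPem, challenge: null });
  return id;
}

// Before each cookie refresh the server hands out a fresh one-time challenge.
function issueChallenge(id) {
  const s = sessions.get(id);
  s.challenge = crypto.randomBytes(32).toString('base64');
  return s.challenge;
}

// A new short-lived cookie is issued only for a valid signature over that challenge.
function refreshCookie(id, signatureB64) {
  const s = sessions.get(id);
  if (!s || !s.challenge) return null;
  const challenge = s.challenge;
  s.challenge = null; // one-time use, so an old signature cannot be replayed
  const ok = crypto.verify('sha256', Buffer.from(challenge), s.publicKey,
                           Buffer.from(signatureB64, 'base64'));
  return ok ? crypto.randomBytes(16).toString('hex') : null;
}

// Client side: the private key never leaves the device object.
function makeDevice() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return {
    publicKeyPem: publicKey.export({ type: 'spki', format: 'pem' }),
    sign: (msg) => crypto.sign('sha256', Buffer.from(msg), privateKey).toString('base64'),
  };
}

// Constructed scenario: the login device versus a machine holding only copied session data.
function demo() {
  const device = makeDevice();
  const other = makeDevice(); // different machine, different key
  const id = registerSession(device.publicKeyPem);
  const legit = refreshCookie(id, device.sign(issueChallenge(id)));
  const foreign = refreshCookie(id, other.sign(issueChallenge(id)));
  const stale = refreshCookie(id, device.sign('old-challenge')); // none outstanding
  return { legit: legit !== null, foreign: foreign !== null, stale: stale !== null };
}
```

For defenders, the refresh endpoint is also the natural place to log failed signature checks, since a session identifier presented without the matching device key indicates copied session data.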
What Workspace Users and Admins Should Do Next
While DBSC adds a strong layer of defense, Google also advises administrators to activate passkeys—a modern alternative to passwords that further secures user access. The company emphasizes the urgency, citing an “exponential rise” in authentication token theft, especially throughout 2025. Whether you’re managing a team or securing your own account, enabling these features will help future-proof your security setup against increasingly sophisticated threats.