Avanan's research into an exploit flaw in the Google Docs' comments feature was highlighted in PCMag. The exploit allows hackers to easily send malicious links via the comment feature. As PCMag writes:
Security firm Avanan says it "observed a new, massive wave of hackers leveraging the comment feature in Google Docs, targeting primarily Outlook users" starting in December 2021. Attackers reportedly created Google Docs and left comments using tags (the "@" symbol followed by the victim's name) so Google would notify the intended recipient via email.
Read the rest of the article at PCMag.