Researchers discovered vulnerabilities in Google Workspace that could lead to ransomware attacks, data theft, and password decryption. They exploit Google Credential Provider for Windows, allowing attackers to steal refresh tokens and bypass MFA.