Security researchers had uncovered a flaw in FCM that could have let them send bogus notifications to users of apps that rely on the tool for messaging, potentially enabling phishing or spam attacks.