September 27th, 2007, 12:50 PM
Gmail zero-day flaw allows attackers to steal messages
Accounts on Google's Gmail can be easily hacked, allowing any past -- and future -- e-mail messages to be forwarded to the attacker's own in-box, a vulnerability researcher said Tuesday.
Dubbed a "cross-site request forgery" (CSRF), the Gmail bug was disclosed Tuesday by Petko Petkov, a U.K.-based Web vulnerability penetration tester who has made a name for himself of late. In the past two wee...