GMail flaw lets anyone read your e-mail
Hackers have revealed that your GMail account is vulnerable to an attack that allows malicious folks to keep tabs on your e-mail traffic. The attack uses a clever (and particularly nasty) cross-site request forgery (CSRF) to create a persistent backdoor that can be used to read your e-mail. The exploit works by creating a new filter in your GMail account, which means it can do pretty much anything GMail filters are capable of — including forward your e-mail to another account.
[ Read more ]