Program Could Steal Incoing E-mail from Gmail Accounts

Petko Petkov of "ethical hacking" group GNUCitizen has developed a proof-of-concept program to steal contacts and incoming e-mails from Google Gmail users. According to Pure Hacking security researcher Chris Gatford, attackers could compromise a Gmail account -- using a cross-site scripting vulnerability -- if the victim is logged in and clicks on a malicious link.

  • Read the article: CNET News.com