Dark Reading

CSRF Attacks Get New PoC Creation Tool

Cross site request forgery (CSRF) is a powerful attack that can have devastating consequences. It's not a new attack, but new tools are released every year because Web developers don't always write ...
InfoWorld

Gmail zero-day flaw allows attackers to steal messages

Google has not said when it will patch the Gmail CSRF bug, which enables hackers to forward any past -- and future -- e-mail messages to the attacker's own in-box Accounts on Google’s Gmail can be ...