Security News > 2025 > April > Phishers abuse Google OAuth to spoof Google in DKIM replay attack
2025-04-20 17:31
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google's systems, passing all verifications but pointing to a fraudulent page that collected logins. [...]
News URL
Related news
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials (source)