!!!DO NOT ENTER YOUR CREDENTIALS!!!

Screenshot:

Dan Goodin wrote a good article on TheRegister.co.uk about the titled issue.This is not really a new vulnerability. Stuarty first submitted this frame injection/redirect to our archive on July 2007. It is also known for more than 2 years as a method to hijack Google accounts.Nevertheless, Adrian 'pagvac' Pastor from the GNUCitizen team provided a great demonstration on how attackers/phishers can exploit this bug to steal users' cleartext authentication credentials with a fake Google account login page.After a long long time...C'mon Google security team! Please fix this bug for once again in record time!More Google frame injections and open redirects HERE . 8-)Thanks again to Adrian and Aviv for throwing light on this issue! ;-)