Hackers Exploit Google OAuth and DKIM Replay Technique for Phishing Attack

Hackers have exploited a vulnerability to send a fake email appearing to come from Google's systems, passing all checks but redirecting to a fraudulent page collecting login credentials. This sophisticated attack used Google OAuth and a DKIM replay technique to bypass security mechanisms. Users receiving these emails were directed to a phishing page mimicking Google, allowing attackers to steal sensitive information.