Hackers linked to ToddyCat have found a neat little shortcut into corporate Gmail: no password, no phishing page, just a browser session that is already signed in. Kaspersky says the new tool, Umbrij, can abuse Chromium-based browsers to pull OAuth access to Gmail data, including mail, calendars, contacts, and cloud storage. The trick depends on […]