<ul><li>Hackers are swiping passwords from Google accounts in Chrome using the AutoIt Credential Flusher.</li><li>The attack leverages 'kiosk mode' in Chrome to lock users into the Google sign-in page and steal their credentials.</li><li>It doesn't redirect to a fake sign-in page and can pass along Google account details without suspicion.</li><li>The attack can affect other browsers as well, but certain hotkeys can be used to exit the locked screen.</li></ul>

Don’t trust that Google sign-in — how hackers are swiping passwords in Chrome

Discover more