Phishing Scam Hijacks PayPal's Own Secure Servers
• PC World[This is the most dangerous phishing scheme!] A cross-site scripting flaw in the PayPal Web site allows a new phishing attack to masquerade as a genuine PayPal log-in page with a valid security certificate, according to security researchers.
