crappy
sdwolfpup: A hacking tool was released that automates the attack of an existing Gmail vulnerability. Because it makes it much easier to do when it's automated, it's much more likely that people will use it to ill effect. In order to protect yourself, please do the following:
1. Log into your GMail account
2. Go into Settings (click 'Settings' in the upper right-hand corner)
3. Under the first tab ('General'), scroll to the bottom of the screen where it says "Browser Connection"
4. Select "Always use https"
5. Click 'Save Changes'
6. Log out of your account and then back in to have it take effect
For further information on why, see this article.
There are other security suggestions in the comments that are worth reading as well, even if you don't use GMail at all.
eta: Thanks to
tarzanic for this new info:Gmail Notifier users will need to install a patch once they switch to always use https.
