Google confirmed a sophisticated phishing attack targeting 1.8 billion Gmail users. The attack, which exploits a vulnerability in Google’s infrastructure, appears to be from a legitimate Google address and tricks users into sharing their login credentials. Google advises users to adopt two-factor authentication and passkeys for enhanced account security.