A flaw has been detected in Yahoo! that lets an attacker take control of a user’s account which includes access to his or her emails.
“I guess the beautiful bit about it from an attacker’s viewpoint is quite a lot of people would be unaware of what’s happened. Not many people will think of changing their password after that happens,” said an internet services developer for Netcraft.
Source: The Register