A recent phishing attempt exploited a legitimate Zoom email notification to deceive users into entering their Gmail credentials on a fake login page. The attackers used a "bot protection" gate to enhance the page's legitimacy, allowing for real-time credential exfiltration via WebSocket connections, showcasing how trusted platforms can be manipulated for cybercrime.