“Google and Microsoft today began warning users about active phishing attacks against Google’s online properties. The two companies said the attacks resulted from a fraudulent digital certificate that was mistakenly issued by a domain registrar run by a Turkish domain registrar.”
Source: Turkish Registrar Enabled Phishers to Spoof Google — Krebs on Security