While not exactly related to web security, it’s always good to take a minute to look at the web’s cousin, the desktop. On November 13th a Skype vulnerability was released that would allow an attacker to hijack an existing account. All the attacker would need is to know the primary email on any account.
The vulnerability is actually ingenious in retrospect, and it’s interesting it hadn’t been identified earlier. Do note however that it had been out for a few months. Protalinski with The Next Web explains how it works: