Google this week announced that it is going to block login attempts from embedded browser frameworks to prevent man-in-the-middle (MiTM) phishing attacks. Phishing attacks carried out by injecting malicious content in legitimate traffic are difficult to detect when attackers use an embedded browser framework or any other automated tool for authentication. Google suggests developers currently using CEF for authentication to switch to the browser-based OAuth authentication. This is similar to the restriction on webview sign-ins announced in April 2016.”]
Source: https://securityaffairs.co/wordpress/84243/security/google-mitm-phishing-attacks.html