tl;dr January 12 attack on Google China
By clicking on a link and connecting to a “poisoned” Web site, the employee inadvertently permitted the intruders to gain access to his (or her) personal computer and then to the computers of a critical group of software developers at Google’s headquarters in Mountain View, Calif. Ultimately, the intruders were able to gain control of a software repository used by the development team.
Regarding the title of the article, the attackers stole the source to "Gaia", the single-sign-on system used by Google, and could potentially find previously-unknown security holes in it.
It's interesting how the world is changing. A whole host of "security" measures protecting all manner of information and services at companies both big and small are often based on a combination of security through obscurity and the assumption that any attack will be limited in scale.
Much like the phase change that occurred in the industry as the internet became popular and software developers could no longer ignore security I think we're headed for another phase change / inflection point as the stakes get raised. 5 years from now the default security assumption will probably be something along the lines of: "assume a hostile 1st world nation already has access to your internal network and is using a significant amount of resources to gain as much information and access to internal services as possible".
