Google GMail E-mail Hijack Technique. Apparently Gmail has a CSRF vulnerability that lets malicious sites add new filters to your filter list—meaning an attacker could add a rule that forwards all messages to them without your knowledge.
I'm surprised this sort of attack (CSRF) isn't massively more prevalent. Any config or preference option presented in an admin could be exploited if the attacker knows the URLs and post data required and can rely on the user having authenticated to the system.
How is one meant to protect against this sort of thing? Unique tokens per user in every form?
Unfortunately CSRF attacks are massively prevalent - they exist in the vast majority of web applications, and developer awareness of them is very poor (which is why I link to pretty much every article I see about them).
Form tokens are the best way to protect against them - since you need some way of knowing that the form submission is coming from a form that you served up in the first place.
Django ships with a piece of middleware for adding form tokens, and there's a plugin for Ruby on Rails. It's slightly fiddly to implement correctly and in a reusable way (mainly because Ajax complicates things) but once you start thinking about it it's not too hard to solve.
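To make the form-token defence concrete, here is an added example (not code from the post, Gmail, or Django) of a minimal settings handler for a Gmail-style filter list: the token is generated per session, embedded in the form the site itself serves, and checked on every state-changing POST, so a request that arrives with the session cookie but without the token is refused. The session store and endpoint names are assumptions for illustration.

```python
import hmac
import secrets

# Constructed in-memory session store: session_id -> session state.
# In a real app this would be the server-side session backing the cookie.
SESSIONS = {}


def new_session():
    """Log a user in and mint a fresh, unguessable per-session CSRF token."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"csrf_token": secrets.token_urlsafe(32), "filters": []}
    return sid


def render_filter_form(sid):
    """Serve the filter-settings form with the token as a hidden field.
    Only a page we served can contain this value; a third-party origin
    cannot read it because of the same-origin policy."""
    token = SESSIONS[sid]["csrf_token"]
    return (
        '<form method="post" action="/settings/filters">'
        f'<input type="hidden" name="csrf_token" value="{token}">'
        '<input name="forward_to"><button>Add filter</button></form>'
    )


def add_filter(sid, form):
    """Handle the POST. The browser attaches the session cookie to any
    request, including one built by a malicious page, so the cookie proves
    nothing about who built the form. Only the token ties the submission
    to a form we rendered. Returns (status, message)."""
    session = SESSIONS.get(sid)
    if session is None:
        return 401, "not logged in"
    submitted = form.get("csrf_token", "")
    # Constant-time comparison so the check cannot leak the token byte by byte.
    if not hmac.compare_digest(submitted, session["csrf_token"]):
        return 403, "missing or invalid CSRF token"  # cross-site request blocked
    session["filters"].append({"forward_to": form["forward_to"]})
    return 200, "filter added"


if __name__ == "__main__":
    sid = new_session()
    # A forged cross-site POST: cookie present (sid), no token -> rejected.
    print(add_filter(sid, {"forward_to": "someone-else@example.invalid"}))
    # The genuine form carries the token -> accepted.
    token = SESSIONS[sid]["csrf_token"]
    print(add_filter(sid, {"csrf_token": token, "forward_to": "me@example.invalid"}))
```

For Ajax requests the same token is usually sent in a request header rather than a form field; the check on the server is identical.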