Browsers on iOS, iPadOS and Mac leak your browsing activity and personal identifiers

Researchers at FingerprintJS, a Chicago-based firm that specializes in online fraud prevention, have published a software bug introduced in Safari 15’s implementation of the IndexedDB API that lets any website track your internet activity and may even reveal your identity. They found that in Safari 15 on macOS, and in all browsers on iOS and iPadOS 15, the IndexedDB API is violating the same-origin policy; a fundamental security mechanism that restricts how documents or scripts loaded from one origin can interact with resources from other origins.

Read full article on Malwarebytes Unpacked

 


Date:

Categorie(s):