Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://social.vivaldi.net/users/brucelawson/statuses/111297757891479511">Bruce Lawson ✅ (quiet time) (brucelawson@social.vivaldi.net)'s status on Thursday, 26-Oct-2023 07:00:39 JST</a><a href="https://social.vivaldi.net/@brucelawson" title="brucelawson@social.vivaldi.net"><img src="https://gnusocial.jp/avatar/99637-48-20230218084023.webp" width="48" height="48" alt="Bruce Lawson ✅ (quiet time)" style="position: absolute; left: 0; top: 0;">Bruce Lawson ✅ (quiet time)</a></section><article><p>"Hackers can force iOS and macOS browsers to divulge passwords and much more<br>iLeakage is practical and requires minimal resources. A patch isn't (yet) available." Researchers successfully leveraged iLeakage to recover the content of a Gmail inbox—when a target is logged in—and a password as it’s being autofilled by a credential manager. iThings can be attacked when running any browser because they’re all based on WebKit browser <a href="https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/" rel="nofollow noreferrer">https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2233897#notice-4397428">In conversation</a><time datetime="2023-10-26T07:00:39+09:00" title="Thursday, 26-Oct-2023 07:00:39 JST">about a year ago</time> <span>from <span><a href="https://social.vivaldi.net/@brucelawson/111297757891479511" rel="external" title="Sent from social.vivaldi.net via ActivityPub">social.vivaldi.net</a></span></span><a href="https://social.vivaldi.net/@brucelawson/111297757891479511">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: cdn.arstechnica.net</div><h5><a href="https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/">Hackers can force iOS and macOS browsers to divulge passwords and much more</a></h5><div></div></header><div>iLeakage is practical and requires minimal resources. A patch isn't (yet) available.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Bruce Lawson ✅ (quiet time) (brucelawson@social.vivaldi.net)'s status on Thursday, 26-Oct-2023 07:00:39 JST Bruce Lawson ✅ (quiet time)
"Hackers can force iOS and macOS browsers to divulge passwords and much more
iLeakage is practical and requires minimal resources. A patch isn't (yet) available." Researchers successfully leveraged iLeakage to recover the content of a Gmail inbox—when a target is logged in—and a password as it’s being autofilled by a credential manager. iThings can be attacked when running any browser because they’re all based on WebKit browser https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/
In conversationabout a year ago from social.vivaldi.netpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: cdn.arstechnica.net
  Hackers can force iOS and macOS browsers to divulge passwords and much more
  iLeakage is practical and requires minimal resources. A patch isn't (yet) available.

Public

Embed Notice

HTML Code

Corresponding Notice