Safari
Safari 15 flaw allows attackers to access user data, allowing access to other websites without proper account holder knowledge
Browser Safari has an error allowed Expose user browsing history and sensitive Google account data to criminals. The flaw, discovered by FingerprintJS digital security service, demonstrates problems with indexed implementation on macOS and iOS, allowing a given website to see database names for any domain along with its own.
According to the site the edgeBrowsers cannot allow a browser tab to access other content. That is, if a user is logged into a website and there is active malware in another tab, they will not be able to view the data because they are not connected to the same place of origin. It will be a buggy version of Safari 15 and have problems interacting with the IndexedDB database API.
When you enter the Database tab, Safari automatically creates blank data content on the other tabs. Thus, the malware can view the name and sensitive information of the account or profile that was accessed. Revealing the data allows access to all websites, not just those with a particular API. That is, sites like InstagramAnd NetflixAnd Twitter And Xbox are some of the examples the attackers used.
What do you do to protect yourself?
According to FingerprintJS, there is no effective way to protect yourself or block JavaScript, which could affect other resources. For Mac users, the best alternative is to use another browser. On iPhone and iPad, the change was not successful, as there is a chance that the bug will appear in other browsers. At the moment, a file is available An apple Did not comment on how to solve the bug.