Collaborate Disseminate
Have there ever been any documented cases of a major browser (Firefox or Chrome) on a fully updated Linux system being exploited in the wild? And by "exploit" I mean remote code execution outside of the browser.
Continue reading Have there ever been remote code execution browser exploits on Linux? [closed]
I had an adware tab randomly open in my browser. It got blocked by uBlock before it could do anything, but I’d like to know what triggered it.
I’m currently in a Chromium browser.
Continue reading How can I figure out what triggered an adware tab to open?
Twice now, seemingly randomly, I’ve been redirected to an ad site.
I believe it has occurred both times when I have a new tab open, type what I’m searching for (Google is my default search engine), press enter and then end up on the ad pag… Continue reading How to determine which Chrome extension is re-directing me to ad sites
We wan’t to prevent attacks comming in from src attribute "javascript:" but still allow lnline script tags.
Currently the only option is to add sha-hash’s but there are too many inline scripts to do this.
Unfortunately we can’t m… Continue reading CSP: Allow inline scripts while blocking javascript: in iframe src
Today I wanted to visit https://scp-wiki.wikidot.com/scp-4999 to conduct some scientific research. Upon loading the page, I was greeted with a text saying Russia (the country I’m in) and Belarus are blocked from visiting this website.
This… Continue reading How is this website able to determine my country? [closed]
Can you retrieve personal information ie; messages from browsers, off of a SIM card?
Continue reading Can you retrieve messages from instagram or messenger off of a SIM card?
When I am using ProtonVPN, does the VPN server run DNS resolution upon receiving the request, similar to a Tor exit node, thereby bypassing the device’s DNS cache?
Or do my browser’s DNS queries still write to the device DNS cache? And if … Continue reading When using a VPN is the device DNS cache still written to? [duplicate]
Regarding 2FA browser plugins, I follow the uneducated opinion that they usually provide sufficient security. Since a desktop computer is a unique device (even a virtual machine) and provides that required 2nd factor, you can use a 2FA bro… Continue reading Are 2FA browser plugins sufficiently secure?
I see lots of articles suggesting not storing passwords in the browser, and it made perfect sense to me, if I can access this data easily, an attacker probably can too.
But then I found out about cookie hijacking, and it seems to me that i… Continue reading Does not storing passwords in browser really matter given cookie hijacking exists?
Note: this does not answer my question as it mentions Java/Flash(not in the modern context. The question is from like 10 years ago so probably outdated), and mentions weakness introduced by the user(whereas I’m asking exploits that can be … Continue reading In the modern context, what max harm can a webpage do, if the creator is malignant? [duplicate]