Google users' sensitive account details are currently at risk because of a new Safari browser bug. This new vulnerability was first discovered by the anti-fraud security firm FingerprintJS.
The latest system issue in Safari is specifically located in the browser's IndexededDB, which is implemented on iOS and macOS devices. Security experts claimed that the vulnerability allows a website to see other platforms' databases.
"IndexedDB is a browser API for client-side storage designed to hold significant amounts of data. It's supported in all major browsers and is very commonly used," explained FingerprintJS via its official security report.
Google Users at Rist Due to Safari Bug
According to 9TO5Mac's latest report, the new Safari bug can put the details of logged-in Google accounts on the browser. Aside from this, this vulnerability can also leak browsing histories.
LONDON, ENGLAND - AUGUST 09: In this photo illustration, A thumbprint is displayed on a mobile phone while the Google logo is displayed on a computer monitor on August 09, 2017 in London, England. Founded in 1995 by Sergey Brin and Larry Page, Google now makes hundreds of products used by billions of people across the globe, from YouTube and Android to Smartbox and Google Search.
FingerprintJS explained that the Safari IndexedDB API flaw could allow a malicious website to access the Google User ID. Hackers can use this digital ID to acquire essential information.
On the other hand, the security company also released a proof-of-concept demo where they used the new Safari vulnerability. Aside from acquiring Google account's sensitive information, they were also able to access the user's profile picture.
Safari Flaw's Other Details
FingerprintJS explained that the new IndexedDB API flaw in Safari could be quite alarming. This is because it can easily leak the database names of various websites across different origins.
Security experts added that this could happen since database names are usually website-specific (unique). If the hackers use the new vulnerability, they can easily identify the people visiting the compromised websites.
The online platforms that the new Safari system issue can affect are Google Calendar, Google Keep, and YouTube. If you want to know more details about the browser's latest flaw, you can visit this link.
In other news, Russia's FSB arrested 14 suspected REvil ransomware hackers. Meanwhile, the new SnatchCrypto is now concerning cybersecurity researchers as they believe it can empty crypto wallets.
For more news updates about security threats and other related topics, always keep your tabs open here at TechTimes.
Related Article: US and Russia's Investigation Captured Hackers Likely Responsible for Colonial Pipeline Cyberattack | First Cooperation in 8 Years
This article is owned by TechTimes
Written by: Griffin Davis
