Connect with us

Hi, what are you looking for?

Joyful Retirement SecretsJoyful Retirement Secrets

Tech News

Researcher reveals ‘catastrophic’ security flaw in the Arc browser

Grayscale Arc logo on pink and black background
Illustration: Cath Virginia / The Verge

A security researcher revealed a “catastrophic” vulnerability in the Arc browser that would have allowed attackers to insert arbitrary code into other users’ browser sessions with little than an easily findable user ID. The vulnerability was patched on August 26th and disclosed today in a blog post by security researcher xyz3va, as well as a statement from The Browser Company. The company says that its logs indicate no users were affected by the flaw.

The exploit, CVE-2024-45489, relied on a misconfiguration in The Browser Company’s implementation of Firebase, a “database-as-a-backend service,” for storage of user info, including Arc Boosts, a feature that lets users customize the appearance of websites they visit.

In its statement,…

Continue reading…

You May Also Like

Tech News

Adobe’s new text-to-video and image-to-video AI features will be available in beta later this year. | Image: Adobe Adobe has teased some of its...

Tech News

Photo by Jerod Harris/Getty Images for Vox Media Jony Ive has confirmed that he’s working with OpenAI CEO Sam Altman on an AI hardware...

Editor's Pick

So the first Fed rate cut is behind us, and we are no longer in a “higher for longer” period, but in a new...

Editor's Pick

Daniel Raisbeck Venezuela’s 75-year-old president-elect, Edmundo González, fled to Spain on September 8, soon after the Chavista regime issued an arrest warrant against him....