Connect with us

Hi, what are you looking for?

HorizonLifeTime.comHorizonLifeTime.com

Tech News

Researcher reveals ‘catastrophic’ security flaw in the Arc browser

Published

Grayscale Arc logo on pink and black background
Illustration: Cath Virginia / The Verge

A security researcher revealed a “catastrophic” vulnerability in the Arc browser that would have allowed attackers to insert arbitrary code into other users’ browser sessions with little than an easily findable user ID. The vulnerability was patched on August 26th and disclosed today in a blog post by security researcher xyz3va, as well as a statement from The Browser Company. The company says that its logs indicate no users were affected by the flaw.

The exploit, CVE-2024-45489, relied on a misconfiguration in The Browser Company’s implementation of Firebase, a “database-as-a-backend service,” for storage of user info, including Arc Boosts, a feature that lets users customize the appearance of websites they visit.

In its statement,…

Continue reading…

In this article:







    Get the daily email that makes reading the news actually enjoyable. Stay informed and entertained, for free.




    Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

    You May Also Like

    Investing

    How to Trade With Crypto Currencies And Earn

    Collaboratively administrate turnkey channels whereas virtual e-tailers. Objectively seize scalable metrics whereas proactive e-services.

    December 23, 2017

    Investing

    Supersonic Transport: Billionaires Do Battle

    Quickly coordinate e-business applications through revolutionary catalysts for change. Seamlessly underwhelm optimal testing procedures processes.

    January 9, 2018

    Tech News

    Scout Motors’ plan to ditch dealers is exactly what customers want

    Image: Scout Motors The VW-backed company is following in the footsteps of Tesla and Rivian by selling directly to customers without a dealership. Continue...

    October 28, 2024

    Tech News

    Universal Music partners with AI company building an ‘ethical’ music generator

    UMG and AI company Klay are forming their own foundational Music-generating AI model. | Cath Virginia / The Verge | Photo from Getty Image...

    October 28, 2024