Connect with us

Hi, what are you looking for?

Fibonacci Tech News

Researcher reveals ‘catastrophic’ security flaw in the Arc browser

Illustration: Cath Virginia / The Verge

A security researcher revealed a “catastrophic” vulnerability in the Arc browser that would have allowed attackers to insert arbitrary code into other users’ browser sessions with little than an easily findable user ID. The vulnerability was patched on August 26th and disclosed today in a blog post by security researcher xyz3va, as well as a statement from The Browser Company. The company says that its logs indicate no users were affected by the flaw.

The exploit, CVE-2024-45489, relied on a misconfiguration in The Browser Company’s implementation of Firebase, a “database-as-a-backend service,” for storage of user info, including Arc Boosts, a feature that lets users customize the appearance of websites they visit.

In its statement,…

Continue reading…

You May Also Like

Fibonacci Stock News

In the previous technical note, it was categorically mentioned that while the markets may attempt to inch higher, they may not form anything beyond...

Fibonacci Investing News

Chris Edwards Many American cities need more low‐​income housing, but governments reduce supply and raise construction costs with regulations, taxes, and bureaucracy. The Wall...

Fibonacci Tech News

Illustration by Alex Castro / The Verge The question of who gets to regulate crypto has some answers, as a judge has ruled the...

Fibonacci Stock News

If you look at a chart of PLTR stock, you can see that it has had quite a ride, from its short-lived period of...