Home Kripto Safari, Chrome, Firefox Vulnerable to New Security Threat
Kripto

Safari, Chrome, Firefox Vulnerable to New Security Threat

Safari, Chrome, Firefox Vulnerable to New Security Threat

A critical security flaw has been identified in three of the most widely used web browsers—Apple’s Safari, Google’s Chrome, and Mozilla’s Firefox—posing a significant risk of data breaches. The vulnerability, known as the “0.0.0.0-day attack,” exploits how these browsers handle queries to the 0.0.0.0 IP address, potentially allowing attackers to access private data stored on users’ devices.

Details of the Vulnerability

Cybersecurity experts at Oligo discovered that the flaw targets the way these browsers redirect users from the 0.0.0.0 IP address to other IPs, often leading to “localhost,” a private server or computer. Under this attack, a malicious request to the 0.0.0.0 IP address could trick the browser into revealing sensitive data, making the attack especially dangerous when paired with phishing or social engineering tactics.

The risk is particularly high for individuals and organizations managing web servers, as the attack surface is larger in these scenarios. Cybercriminals could exploit this vulnerability to gain access to private data and even internal private networks, opening numerous attack vectors.

Response from Apple and Google

The flaw has already been exploited in the wild, prompting urgent action from developers. Apple and Google are actively working on fixes for their respective browsers. Avi Lumelsky, an AI security researcher at Oligo, emphasized the severity of the issue, noting that the attack could immediately expose developer code, internal messaging, and access to internal networks.

While the attack is mostly limited to web server hosts, a significant number of users remain at risk. Evidence of the flaw’s exploitation was confirmed by a Google security developer in a Chromium forum post earlier this year. However, the vulnerability affects only Apple devices, as Microsoft has already blocked the 0.0.0.0 IP address on Windows. Apple is expected to implement a similar block in the upcoming macOS 15 Sequoia beta.

Google is also preparing a fix for its Chromium and Chrome browsers, while Mozilla is still exploring solutions for Firefox.

As Apple, Google, and Mozilla work to resolve this vulnerability, users are advised to keep their browsers up-to-date with the latest patches and updates. Staying current with browser updates is crucial to protecting against potential cyber threats.

Related Articles

US Tariffs Could Be Devastating for Irish Whiskey Industry
Kripto

US Tariffs Could Be Devastating for Irish Whiskey Industry

In a significant escalation of trade tensions between the United States and...

OpenAI Unveils New Tools to Help Businesses Develop AI Agents
Kripto

OpenAI Unveils New Tools to Help Businesses Develop AI Agents

OpenAI is set to revolutionize the integration of artificial intelligence in business...

North Korean Hackers Sneak Spyware onto Android App Store
Kripto

North Korean Hackers Sneak Spyware onto Android App Store

KoSpy, a spyware application, has been revealed to possess extensive capabilities, posing...

Trump Tariffs Spark Nationalism and Gain Political Support in Canada and Mexico
Kripto

Trump Tariffs Spark Nationalism and Gain Political Support in Canada and Mexico

Mark Carney, the former banker, has been selected as the leader of...