Beautiful Virgin Islands

Monday, Aug 04, 2025

Apple browser bug could lead to personal data leak

Apple browser bug could lead to personal data leak

A vulnerability in the Safari 15 browser allows malicious programs to track people’s internet activity and reveal their identity
A recently disclosed Apple Safari 15 bug can be used by nefarious sites to extract people’s browsing history and obtain their Google ID to collect more personal data, a fraud detector reports.

The problem identified by FingerprintJS, a browser fingerprinting fraud detection service, resides with IndexedDB – an application programming interface, or API, used to store large amounts of data on a browser.

Normally, such data collecting interfaces operate within the ‘same-origin’ policy: they only allow websites a person interacts with to access data generated by each such website itself but not the other ones. For example, if a person opens their email account in one browser tab and another webpage in the second one, this webpage would not be able to access any email-related data.

When it comes to Safari 15, though, this is not the case. Due to Apple’s application of the IndexedDB API, each time a website interacts with the browser database, a new database of the same name is created for all other active tabs. That means that each such site can access database names for all other sites a person interacts with at the same time.

This can be particularly disturbing when a person interacts with some web pages requiring some personal data like YouTube or Google accounts. Any Google ID-linked pages create databases with a person’s unique Google User ID in their names, which are then de-facto shared with all other websites a person opens and can thus be potentially exploited by nefarious actors, including to obtain more personal data once they know the Google ID.

MacOS owners can potentially just use a browser other than Safari to get around the bug but there is little iPhone and iPad owners can do since Apple’s third-party browser engine ban on all iOS devices means all browsers are affected. Private mode on Safari 15 is affected as well.

FingerprintJS even created a special demo to show how website data, browsing history and personal data are collected by Safari in a way that reveals a person’s internet profile picture. It also said it reported the issue to the WebKit Bug Tracker on November 28, but no updates to fix the issue have been released as of yet. Apple also has not answered media requests for comment so far.
Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
OpenAI’s Bold Bet: Teaching AI to Think, Not Just Chat
Tesla Seeks Shareholder Approval for $29 Billion Compensation Package for Elon Musk
Nvidia is cutting prices on its RTX 50-series graphics cards after sales slowed and inventories piled up
Ghislaine Maxwell Transferred to Minimum-Security Prison Amid Ongoing DOJ Discussions
U.S. Tariffs Surge to Highest Levels in Nearly a Century Under Second Trump Term
Matt Taibbi Slams Media for Role in Russiagate Narrative
Pilots Call for Mental Health Support Without Stigma
All Five Trapped Miners Found Dead After El Teniente Mine Collapse
Ong Beng Seng Pleads Guilty in Corruption Case Linked to Former Singapore Transport Minister
BP’s Largest Oil and Gas Find in 25 Years Uncovered Offshore Brazil
Italy Fines Shein One Million Euros for Misleading Sustainability Claims
JPMorgan and Coinbase Unveil Partnership to Let Chase Cardholders Buy Crypto Directly
Declassified Annex Links Soros‑Affiliated Officials and Clinton Campaign to ‘Russiagate’ Narrative
UK's Online Safety Law: A Front for Censorship
Nationwide Protests Erupt in Brazil Demanding Presidential Resignation
Parents Abandon Child at Barcelona Airport Over Passport Issue
Mystery Surrounds Death of Brazilian Woman with iPhones Glued to Her Body
Bus Driver Discovers Toddler Hidden in Suitcase in New Zealand
Switzerland Celebrates 734 Years of Independence Amid Global Changes
U.S. Opens Official Investigation into Former Trump Prosecutor Jack Smith
Leaked audio of Canada's new PM Mark Carney admitting the truth about the Net Zero agenda: "We're gonna make a lot of money off of this."
China Enforces Comprehensive Ban on Cryptocurrency Activities
Absolutely 100% Realistic EVO Series Doll by EXDOLL (Chinese Company) used mainly for carnal purposes
World Economic Forum founder Klaus Schwab: "In this new world, we must accept... total transparency. You have to get used to it. You have to behave accordingly. But if you have nothing to hide, you shouldn't be afraid."
Meet Mufti Hamid Patel, head of Office for Standards in Education in Pakistan
George Soros tells the World Economic Forum: "President Trump is a con man and the ultimate narcissist, who wants the world to revolve around him."
Hamas are STARVING the hostages.
Decline in Tourism in Majorca Amidst Ongoing Anti-Tourism Protests
British Tourist Dies Following Hair Transplant in Turkey, Police Investigate
Poland Begins Excavation at Dziemiany After New Clue to World War II‑Era Nazi Treasure
WhatsApp Users Targeted in New Scam Involving Account Takeovers
Trump Threatens Canada with Tariffs Over Palestinian State Recognition
Trump Deploys Nuclear Submarines After Threats from Former Russian President Medvedev
Trump Sues Murdoch in “Heavyweight Bout”: Lawsuit Over Alleged Epstein Letter Sets Stage for Courtroom Showdown
Germany Enters Fiscal Crisis as Cabinet Approves €174 Billion in New Debt
Trump Administration Finalizes Broad Tariff Increases on Global Trade Partners
J.K. Rowling Limits Public Engagements Citing Safety Fears
JD.com Launches €2.2 Billion Bid for German Electronics Retailer Ceconomy
Azerbaijan Proceeds with Plan to Legalise Casinos on Artificial Islands
Former Judge Charged After Drunk Driving Crash Kills Comedian in Brazil
Jeff Bezos hasn’t paid a dollar in taxes for decades. He makes billions and pays $0 in taxes, LEGALLY
China Increases Use of Exit Bans Amid Rising U.S. Tensions
IMF Upgrades Global Growth Forecast as Weaker Dollar Supports Outlook
Procter & Gamble to Raise U.S. Prices to Offset One‑Billion‑Dollar Tariff Cost
House Republicans Move to Defund OECD Over Global Tax Dispute
Botswana Seeks Controlling Stake in De Beers as Anglo American Prepares Exit
Trump Administration Proposes Repeal of Obama‑Era Endangerment Finding, Dismantling Regulatory Basis for CO₂ Emissions Limits
France Opens Criminal Investigation into X Over Algorithm Manipulation Allegations
A family has been arrested in the UK for displaying the British flag
Mel Gibson refuses to work with Robert De Niro, saying, "Keep that woke clown away from me."
×