Security researchers have uncovered a weakness in how Apple's Safari browser handles the Fullscreen API, and attackers are exploiting it to mount convincing password-theft attacks.
The attackers use a browser-in-the-middle (BitM) technique: the victim is lured into interacting with a remote browser that the attackers control, whose screen is streamed into the victim's own browser, so the login credentials and authentication cookies the victim enters into the genuine login page are captured on the attackers' side.
A specific limitation in Safari makes fullscreen BitM attacks particularly convincing. When a page enters fullscreen mode the address bar and the rest of the browser chrome disappear, and while Chrome and Firefox overlay a notification telling the user that the site is now full screen and how to exit, Safari shows no comparable alert, so nothing tells the victim that the "browser window" in front of them is not their own.
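As an added example (it is not code from the article or from the researchers it reports on), the following JavaScript shows what a browser extension's content script could do to supply the signal Safari omits: on every `fullscreenchange` it paints a banner inside the fullscreen element and escalates the wording when that element embeds content from another origin, which is how a BitM lure's remote-browser frame looks from the DOM. The verdict logic is kept DOM-free so it runs offline in Node on constructed descriptors. The banner id, the wording and the sample descriptors are this example's own assumptions.

```javascript
// Added example, not code from the article or the researchers: a fullscreen
// watchdog of the kind a browser extension's content script could run.
// Only the fullscreen element's subtree is rendered while fullscreen, so the
// banner has to be appended inside that element, not to <body>.

// Describe the fullscreen element: its tag, the src of each <iframe> inside
// it (the element itself counts if it is an iframe) and the page's own URL.
function describeFullscreenElement(el, pageHref) {
  const frames = Array.from(el.querySelectorAll('iframe'));
  if (el.tagName === 'IFRAME') frames.unshift(el);
  return {
    tag: el.tagName,
    pageHref,
    iframeSrcs: frames.map((f) => f.getAttribute('src') || ''),
  };
}

// Pure verdict on such a descriptor. Flags frames whose origin differs from
// the page's, frames with an opaque origin (about:blank / srcdoc, which hide
// where the content came from) and whole-document fullscreen, which hides all
// browser chrome at once. A lone <video> going fullscreen, the usual
// legitimate case, yields no reasons.
function assessFullscreenElement(desc) {
  const reasons = [];
  let pageOrigin = null;
  try {
    pageOrigin = new URL(desc.pageHref).origin;
  } catch (e) {
    reasons.push('page URL could not be parsed');
  }
  for (const src of desc.iframeSrcs) {
    let origin;
    try {
      origin = new URL(src, desc.pageHref).origin; // '' resolves to the page itself
    } catch (e) {
      origin = 'null';
    }
    if (origin === 'null') reasons.push('iframe with opaque origin');
    else if (origin !== pageOrigin) reasons.push('cross-origin iframe from ' + origin);
  }
  if (desc.tag === 'HTML') reasons.push('entire document entered fullscreen');
  return { suspicious: reasons.length > 0, reasons };
}

// Wording of the banner: a neutral notice (the text Safari never shows) or a
// warning that names what the fullscreen element embeds.
function bannerText(host, verdict) {
  return verdict.suspicious
    ? 'Warning: ' + host + ' is full screen and embeds content from elsewhere (' +
      verdict.reasons.join('; ') + '). Press Esc before typing any password.'
    : host + ' is now full screen. Press Esc to exit.';
}

function installFullscreenWatchdog(doc, win) {
  const onChange = () => {
    const stale = doc.getElementById('fs-watchdog-banner');
    if (stale) stale.remove();
    // Safari also exposes the WebKit-prefixed property; check both.
    const el = doc.fullscreenElement || doc.webkitFullscreenElement;
    if (!el) return;
    const verdict = assessFullscreenElement(describeFullscreenElement(el, win.location.href));
    if (el.tagName === 'IFRAME') {
      // Nothing from this document renders inside a fullscreen iframe, so the
      // watchdog can only record the event here.
      console.warn('fullscreen iframe, cannot overlay banner', verdict);
      return;
    }
    const banner = doc.createElement('div');
    banner.id = 'fs-watchdog-banner';
    banner.textContent = bannerText(win.location.host, verdict);
    Object.assign(banner.style, {
      position: 'fixed', top: '0', left: '0', right: '0', zIndex: '2147483647',
      padding: '10px', textAlign: 'center', font: '14px sans-serif', color: '#fff',
      background: verdict.suspicious ? '#b00020' : '#333',
    });
    el.appendChild(banner);
  };
  doc.addEventListener('fullscreenchange', onChange);
  doc.addEventListener('webkitfullscreenchange', onChange);
}

// Constructed sample descriptors for an offline run (no DOM needed).
const SAMPLE_DESCRIPTORS = {
  mediaPlayer: { tag: 'VIDEO', pageHref: 'https://news.example/clip', iframeSrcs: [] },
  sameOriginHelp: { tag: 'DIV', pageHref: 'https://app.example/', iframeSrcs: ['/help'] },
  bitmLure: { tag: 'DIV', pageHref: 'https://lure.example/signin',
    iframeSrcs: ['https://vnc.lure-cdn.example/vnc.html'] },
  wholeDocument: { tag: 'HTML', pageHref: 'https://lure.example/', iframeSrcs: ['about:blank'] },
};

if (typeof document !== 'undefined') {
  installFullscreenWatchdog(document, window);
} else {
  for (const [name, desc] of Object.entries(SAMPLE_DESCRIPTORS)) {
    console.log(name, assessFullscreenElement(desc));
  }
}
```

Two caveats apply to this demonstration. A content script shares the DOM with the page, so a hostile page can delete the banner as soon as it appears; a production extension would have to re-insert it or use extension UI that the page cannot touch. And the cross-origin check is a heuristic: a legitimate site that fullscreens a container holding an embedded third-party player will trigger the warning too, so the neutral notice, which restores the signal Safari lacks, is the part that always applies.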
Apple was informed of the issue but has decided not to address it further, taking the position that the swipe animation Safari plays when a window enters fullscreen is a sufficient signal to users.