Privacy New FROST attack exploits browser features for website and app tracking May 29, 2026 Share By SC Staff Researchers at Graz University of Technology have unveiled a new browser-side channel attack named FROST. This method can reveal visited websites and opened desktop applications by exploiting standard browser features, as reported by Tech Radar. The FROST attack leverages the Origin Private File System (OPFS), a browser feature, to measure Solid-State Drive (SSD) access speeds. This allows attackers to infer user activity, such as visited websites and launched desktop applications. While the attack has limitations—requiring the victim's activity and browser to be on the same SSD, the creation of a large file to bypass the cache, and potential blocking if the browser profile is in RAM—it highlights how modern browser advancements increase the attack surface for surveillance. Companies like Google, Microsoft, and Adobe are developing more complex in-browser applications, which could potentially be exploited by such techniques. The researchers noted that Firefox's storage limits per website make the attack more difficult on that specific browser. Source: Tech Radar SC Staff Related Privacy Trump administration’s voter data collection efforts face legal challenges SC Staff May 14, 2026 The Department of Justice's Office of Legal Counsel issued a memo arguing that a provision in the 1960 Civil Rights Act, requiring election officials to retain voter records for 22 months, grants the Attorney General the authority to obtain copies of these records. Security Operations Children easily bypass online age verification systems, report finds SC Staff May 8, 2026 The report highlights that children are aware of multiple methods to bypass these checks, either through personal experience or peer knowledge. Data Security FTC bans Kochava from selling location data without consent SC Staff May 6, 2026 The FTC's complaint detailed how Kochava collected and sold geolocation data from hundreds of millions of mobile devices, enabling clients to track users' movements to and from sensitive locations such as health clinics and places of worship. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Anonymization Authenticity Basic Authentication Biometrics Challenge-Handshake Authentication Protocol (CHAP) Digest Authentication Digital Certificate Discretionary Access Control (DAC) Geolocation Inference Attack You can skip this ad in 5 seconds