top | item 40889612

(no title)

I think it’s not a nation state actor thing. In 2018 British airways checkout got popped by a JavaScript being library being changed to eavesdrop credit cards. The same thing could easily happen with password forms

Granted they didn’t break the session in flight, but there is a low bar to achieve the same thing

discuss

No comments yet.