With a simple exploit , browsers like Chrome and Safari can be tricked into handing over your credit carte du jour entropy to hackers . And you would n’t even realize it .

Viljami Kuosmanenis a cyberpunk withFuturiceandtook to Githuband Twitter to point out a simple feat on malicious websites that can rip you off . As he excuse , internet browser like Chrome and Safari are congeal to autofill information into text boxes with data like your phone phone number , address , credit card act , etc . Typically , browsers will determine the type of selective information the site is demand for , then keep the rest . But , Kuosmanennotes , hackers can obscure certain schoolbook box — think user would n’t they ’ve been autofilled . And since the malicious websites can be designed to look like pretty much anything , the danger is real .

Here ’s what the exploit look like :

Argentina’s President Javier Milei (left) and Robert F. Kennedy Jr., holding a chainsaw in a photo posted to Kennedy’s X account on May 27. 2025.

This is why I do n’t care autofill in web forms.#phishing#security#infosecpic.twitter.com / mVIZD2RpJ3

— viljami.io 🇺 🇸 ( @anttiviljami)January 4 , 2017

So even if you only input your information the textbook box you saw , Chrome could have autofilled hidden box with more sensible material . And because the site would have to be laid out specifically to hide boxes , you would n’t necessarily notice that the information was being sent . That ’s not undecomposed if the data let in credit card information .

William Duplessie

In the replies to the original tweet , other user suggested simple fixture to the affect browsers , likenotifying userswhat information they ’ve filled in before submitting or simplyrestricting autofillto only seeable boxes . For now , the wanton way to avoid the exploit is simply to disable your autofill feature .

Disabling autofillon Chrome is accessed first by cluck Preferences and then Show Advanced configurations . you could also go tochrome://options/. From there , you just uncheck the box :

Disabling autofillon Safari is access first via Preferences and then by go to the ‘ AutoFill ’ check and unchecking the box seat .

Starship Test 9

Firefox requires manual autofill for text box , meaning you have to at least vacillate over a text corner before it ’s filled in . That means the effort wo n’t work as well in the internet browser , since you ca n’t replete in the boxes you ca n’t see .

We arrive at out to Apple and Google for comment on Kuosmanen ’s exploit and how to avoid it . We ’ll update this post if we hear back .

[ The Guardian ]

Lilo And Stitch 2025

Update : 1/13/17 3 pm ET : After publication , a Google rep reach out out to say the company is “ aware of the issue and turn to address it . ”

HackingThe Purge

Daily Newsletter

Get the practiced technical school , scientific discipline , and culture news in your inbox daily .

tidings from the future , delivered to your present .

You May Also Like

CMF by Nothing Phone 2 Pro has an Essential Key that’s an AI button

Photo: Jae C. Hong

Doctor Who Omega

Roborock Saros Z70 Review

Argentina’s President Javier Milei (left) and Robert F. Kennedy Jr., holding a chainsaw in a photo posted to Kennedy’s X account on May 27. 2025.

William Duplessie

Starship Test 9

Lilo And Stitch 2025

Roborock Saros Z70 Review

Polaroid Flip 09

Feno smart electric toothbrush

Govee Game Pixel Light 06