You must log in or # to comment.
Looks like another good reason not to ever use Chrome – even on Mobile.
They seemed to have demonstrated it on chrome and leveraged by the chrome browser but I don’t see why this couldn’t be exploited on any browser.
Chromium is implied. Firefox isn’t based on that code base unlike most every other browser.
It’s based on security hole in what I’m interpreting as a web API. You leverage a legitimatly logged in Google account on a malicious website and this web endpoint gives you keys to everything else