A newly discovered side-channel attack demonstrated on modern processors can be weaponized to successfully overcome Site Isolation protections weaved into Google Chrome and Chromium browsers and leak sensitive data. The technique is a JavaScript-based line of attack that specifically aims to get around barriers Google put in place to potentially prevent leakage. As a consequence, any data stored in the memory of a website being rendered or a Chrome extension can be extracted, including personal information displayed on the website, and auto-filled usernames, passwords, and credit card numbers.”]
Source: https://thehackernews.com/2021/09/new-spookjs-attack-bypasses-google.html

