Beware of the Browser-in-the-Middle Attack: What It Is and How to Protect Yourself

'A new security threat called the browser-in-the-middle (BITM) attack has recently been uncovered, exposing users—especially those using Apple’s Safari browser—to potential exploits that could compromise their privacy and security. Reports from BleepingComputer and GBHackers highlight how attackers can take advantage of browser fullscreen features to trick users into revealing sensitive information. [...]

A browser-in-the-middle attack is a phishing-like technique that leverages the browser’s fullscreen mode to impersonate legitimate websites or system dialogs. By forcing the browser to enter fullscreen mode, attackers can overlay fake login screens, pop-ups, or security warnings that look authentic but actually capture user input such as passwords, credit card numbers, or other personal data.

Unlike traditional man-in-the-middle attacks that intercept communications, BITM attacks manipulate the user interface itself to create convincing illusions. Because fullscreen mode hides browser UI elements like the address bar or tabs, users may be unaware they are interacting with a fraudulent page.

According to the reports, Safari’s fullscreen API is particularly vulnerable to BITM attacks. Attackers can use JavaScript to force fullscreen without user consent or notification and then display spoofed content that mimics trusted websites or system alerts. This makes Safari users a prime target, although the risk isn’t limited to this browser alone.'

-- source: https://cyptd.com/beware-of-the-browser-in-the-middle-attack-what-it-is-and-...

Cheers, Peter
Peter Reutemann
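
The quoted article's point is that fullscreen hides the address bar, so a user-side check needs to surface every fullscreen transition. The following is an added example (not part of the original post or the quoted article) of a guard that a browser-extension content script could install; `installFullscreenGuard`, `notify` and `makeFakeDocument` are hypothetical names, while the properties and events used are the standard and WebKit-prefixed Fullscreen API ones.

```javascript
// Added example: flag (and optionally leave) fullscreen so hidden browser UI is noticed.
// `notify` is a hypothetical callback, e.g. an extension content script drawing a banner.
function installFullscreenGuard(doc, notify, { autoExit = false } = {}) {
  const events = ["fullscreenchange", "webkitfullscreenchange"]; // standard + WebKit-prefixed
  let active = false; // both event names may fire for one transition; report once

  function onChange() {
    const el = doc.fullscreenElement || doc.webkitFullscreenElement || null;
    if (!el) { active = false; return; } // left fullscreen: re-arm the guard
    if (active) return;
    active = true;
    notify({ origin: doc.location ? doc.location.origin : "unknown", tag: el.tagName || "unknown" });
    if (autoExit) {
      const exit = doc.exitFullscreen || doc.webkitExitFullscreen;
      const p = exit ? exit.call(doc) : null;
      if (p && typeof p.catch === "function") p.catch(() => {}); // already out of fullscreen
    }
  }

  events.forEach((name) => doc.addEventListener(name, onChange));
  return () => events.forEach((name) => doc.removeEventListener(name, onChange)); // uninstall
}

// Constructed stand-in for `document` so the guard can be exercised outside a browser.
function makeFakeDocument(origin) {
  const listeners = {};
  return {
    location: { origin },
    fullscreenElement: null,
    exitCalls: 0,
    addEventListener(n, f) { listeners[n] = (listeners[n] || []).concat(f); },
    removeEventListener(n, f) { listeners[n] = (listeners[n] || []).filter((g) => g !== f); },
    exitFullscreen() { this.exitCalls += 1; this.fullscreenElement = null; return Promise.resolve(); },
    fire(n) { (listeners[n] || []).forEach((f) => f()); },
  };
}

// Constructed scenario: a page on a sample origin puts a <div> into fullscreen.
function demo() {
  const doc = makeFakeDocument("https://login.example.test");
  const alerts = [];
  installFullscreenGuard(doc, (info) => alerts.push(info), { autoExit: true });
  doc.fullscreenElement = { tagName: "DIV" };
  doc.fire("webkitfullscreenchange");
  return { alerts, exitCalls: doc.exitCalls };
}
```

In a real content script, pass `document` as `doc` and have `notify` draw its warning in extension-owned UI, since anything rendered inside the page can be covered by the page.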