Security News > 2019 > August > Header aches in Firefox, Tor, Brave and Chrome as HTTP opens new security holes
2019-08-13 10:11
Alternative Services spec bungled by browser makers The HTTP Alternative Services header can be abused to conduct network reconnaissance and attacks, to bypass malware protection services, and to foil tracking defenses and privacy assumptions, according to a paper scheduled to be presented at the WOOT '19 security conference on Tuesday.…
News URL
Related news
- Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers (source)
- Google Cuts Off uBlock Origin on Chrome as Firefox Stands Firm on Ad Blockers (source)
- Hetty: Open-source HTTP toolkit for security research (source)
- WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- After Chrome patches zero-day used to target Russians, Firefox splats similar bug (source)
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857) (source)
- Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)