This worrying Apple Safari security bug could leave users wide open to cyberattacks

SquareX says hackers can abuse the Fullscreen API in Safari to trick people into running remote browsers. The browser-in-the-middle attack is good for stealing login credentials. Apple says guardrails are in place and will not pursue it further.