A critical vulnerability that allows low-privileged attackers to decrypt Chrome’s AppBound Cookie Encryption, a security feature Google introduced in July 2024 to protect user cookies from infostealer malware. The attack, dubbed C4 (Chrome Cookie Cipher Cracker), exploits a Padding Oracle Attack against the Windows Data Protection API (DPAPI) encryption system. Summary1. Researchers developed “C4” attack […]
The post New C4 Bomb Attack Bypasses Chrome’s AppBound Cookie Encryption appeared first on Cyber Security News.
This article has been indexed from Cyber Security News