logo

Websites Can Now Spy on You Through Your Hard Drive

ID: 5a14a606-2b3f-5701-92a3-80df4715c3de

STIX ID: report--5a14a606-2b3f-5701-92a3-80df4715c3de

Feed Name: WIRED Security

Threat Score
35/100

Date Published: 2026-06-01

Date Updated: 2026-06-01

Author: Dan Goodin, Ars Technica

...
...

Researchers describe FROST, a browser-executed side-channel attack that uses large OPFS files and timing measurements of SSD reads to infer other open websites and applications on a victim’s device; the JavaScript probe data is classified with a convolutional neural network. The technique is notable for running entirely in-browser without user interaction, but it has practical limitations (requires very large OPFS files, must be on the same SSD, and would likely be detectable), and there are no indications it has been used in the wild.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.