ui integrity

When a Firefox user encountered a network error while loading a page, the browser could leave the previous page’s content visible while showing an empty address bar — a confusing state that attackers could use to hide the real destination and attempt a spoofing attack. The bug, tracked as...

Microsoft has confirmed a Chromium‑based Microsoft Edge spoofing flaw, tracked as CVE‑2025‑65046, that allows a malicious page or a content script injected into a page to display a browser extension’s popup over a permission prompt or screen‑share dialog, enabling the extension UI to impersonate...