Skip to main content

Your browser might be filling in hidden fields and giving away your secrets

A hand on a laptop in a dark surrounding.
Image used with permission by copyright holder
It seems like you can’t go online lately without running into a new way to get infected with malware or have your identity stolen. And sometimes, it seems like there’s nothing you can do to avoid exposing yourself to trouble.

One of the more difficult traps to avoid is a phishing site, which presents itself as a legitimate page while requesting account and other sensitive information. Now, there’s apparently a browser vulnerability that can enter information on phishing sites without your knowledge and without your needing to do a thing, as ZDNet reports.

Basically, as security researcher Viljami Kuosmanen discovered, some browsers’ autofill functionality will fill out even hidden fields on sites. The Finnish hacker posted sample code on Github demonstrating how he could grab user information such as credit card numbers, expiration dates, and security codes with hidden fields automatically filled in when accessing a page using Google’s Chrome browser.

Various browsers are affected by the vulnerability, with Apple’s Safari and the Opera browser joining Chrome. Daniel Veditz, a Mozila security researcher, posted on Twitter that Firefox doesn’t suffer from the issue because only fields that users can actually click on can be autofilled by that browser.

At this point, there doesn’t appear to be any solution to the problem other than turning of autofill functionality in your chosen browser. For example, to turn off Autofill in Chrome, go to the menu, select Settings, then “Show advanced settings …,” the uncheck “Enable Autofill to fill out web forms in a single click.”

It’s up to browser developers to fix the bug for good, of course. In the meantime, if you decide to leave autofill turned on due to its general convenience factor, you’ll need to be even more diligent about making sure you’re only visiting known and trusted websites.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
9 best 2-in-1 laptops in 2024: tested and reviewed
The back of the Surface Pro 9, with the kickstand pulled out.

The 2-in-1 form factor has certainly come into its own over the last several years. There's really no reason to limit yourself to a clamshell, as there's a 2-in-1 that will meet the needs of all but the most demanding users in terms of sheer performance.

We've reviewed every great 2-in-1 you can buy, including Chromebooks, convertibles, and powerful 16-inch versions. The overall best 2-in-1 at the moment is the Microsoft Surface Pro 9 (although that might change very soon), with its fantastic keyboard that's as easy to remove as it is to type on, a 120Hz display, and a haptic-enabled pen. It's almost as good a laptop as it is a tablet, which is what makes it the best overall 2-in-1.

Read more
Here’s why everyone is talking about this controversial new Windows AI feature
Microsoft introducing the Recall feature in Windows 11.

When Microsoft went to launch its new Copilot+ PCs, it needed an AI feature that could showcase the power of the new NPU and AI models. That feature is Recall.

On one hand, it's a privacy nightmare wrapped in a glorified search bar. On the other, it could represent the biggest change to the way we use PCs in years.
What is Recall?

Read more
Microsoft is adding a controversial app to Windows 11
Microsoft Surface Laptop 2 sitting on a table.

A new Windows 11 build is rolling out in Microsoft's Beta channel, and it includes an app that's been caught up in some controversy. Build 22635.3646 includes the PC Manager app for devices in China by default. This app is already available through the Microsoft Store, but the update suggests the app might be part of Windows 11 more broadly soon.

PC Manager falls in the category of "system optimizers" along the lines of the  Razer Cortex Game Booster. It cleans out temporary files, frees memory that's not being used, and digs deep into your hard drive to clean out unused files. According to Microsoft, it can even "reduce ads and app pop-up interruptions." An system optimizer from Microsoft sounds great as an official release in Windows 11.

Read more