London Daily

Focus on the big picture.
Thursday, Jul 09, 2026

Apple browser bug could lead to personal data leak

Apple browser bug could lead to personal data leak

A vulnerability in the Safari 15 browser allows malicious programs to track people’s internet activity and reveal their identity
A recently disclosed Apple Safari 15 bug can be used by nefarious sites to extract people’s browsing history and obtain their Google ID to collect more personal data, a fraud detector reports.

The problem identified by FingerprintJS, a browser fingerprinting fraud detection service, resides with IndexedDB – an application programming interface, or API, used to store large amounts of data on a browser.

Normally, such data collecting interfaces operate within the ‘same-origin’ policy: they only allow websites a person interacts with to access data generated by each such website itself but not the other ones. For example, if a person opens their email account in one browser tab and another webpage in the second one, this webpage would not be able to access any email-related data.

When it comes to Safari 15, though, this is not the case. Due to Apple’s application of the IndexedDB API, each time a website interacts with the browser database, a new database of the same name is created for all other active tabs. That means that each such site can access database names for all other sites a person interacts with at the same time.

This can be particularly disturbing when a person interacts with some web pages requiring some personal data like YouTube or Google accounts. Any Google ID-linked pages create databases with a person’s unique Google User ID in their names, which are then de-facto shared with all other websites a person opens and can thus be potentially exploited by nefarious actors, including to obtain more personal data once they know the Google ID.

MacOS owners can potentially just use a browser other than Safari to get around the bug but there is little iPhone and iPad owners can do since Apple’s third-party browser engine ban on all iOS devices means all browsers are affected. Private mode on Safari 15 is affected as well.

FingerprintJS even created a special demo to show how website data, browsing history and personal data are collected by Safari in a way that reveals a person’s internet profile picture. It also said it reported the issue to the WebKit Bug Tracker on November 28, but no updates to fix the issue have been released as of yet. Apple also has not answered media requests for comment so far.
Newsletter

Related Articles

0:00
0:00
Close
Global News Brief: Escalating Conflicts, Public Health Crises, and World Cup Drama
Tech Pulse: The Future of AI and Screen Culture
Rare Early Copy of US Declaration of Independence Found in British Archive
Cornish Language Revival Gains Momentum Through Schools and Community Programs
UK Authorities Face Criticism Over Prisoner Early Release Safeguards
Clacton By-Election Set After Nigel Farage Resigns Seat to Trigger Contest
Government Agencies Review Long-Term Fiscal Risks from Aging Population and Low Productivity
UK Heatwaves Expose Pressure on Public Transport and Housing Infrastructure
UK Government Prepares Welfare Review Amid Debate Over Personal Independence Payment Reform
UK Government Expands Rapid Endometriosis Testing Across NHS Services
Vistry Group Issues Profit Warning as UK Housing Market Faces Continued Pressure
Virgin Media Receives Record Twenty-Eight Million Pound Fine Over Contract Cancellation Failures
Office for Budget Responsibility Warns UK Public Finances Face Long-Term Pressure
UK Watchdog Warns Regional Income Gap Has Barely Narrowed in Three Decades
IMF Raises United Kingdom Growth Forecast as Inflation and Energy Pressures Ease
UK Government Launches Regulatory Reform Bill to Speed Up Commercialization of Innovation
Prince Harry Loses Privacy Lawsuit Against Daily Mail Publisher After High Court Rejects Claims
Federal Financial Framework Shifts as Treasury Launches Universal Savings Program for Minors
Jet2 Reports Strong Summer Travel Demand as Bookings Rise Seven Percent
Prince Harry Loses High Court Privacy Case Against Daily Mail Publisher
British Universities Warn Against Potential European Union Tuition Fee Changes
Heal Fertility Clinic Investigated After Embryo Biopsy Sample Mix-Up
Resolution Foundation Warns Regional Income Divide Has Barely Improved Since 1997
British Markets Remain Cautious as Middle East Tensions Rise and Government Transition Nears
Andy Burnham Poised to Become United Kingdom Prime Minister in Expected Political Transition
Nigel Farage Resigns as Member of Parliament Ahead of By-Election Amid Funding Investigation
Trump Declares Iran Ceasefire Over After Renewed Attacks on United States Bases
French Court Allows Le Pen to Run for Presidency, but with an Electronic Tag: "I Will Appeal, and I Will Run"
$1.4 Trillion: The Lawsuit That Could Crush Meta
Europe's Growing Struggle with Extreme Heat and Air Conditioning
UK Daily Briefing: Legal Developments and Social Issues
Political Turmoil and Rising Costs
Anthropic Reengineers Agentic Architecture to Shift Autonomous Workplace Automation to the Cloud
Logic Flaw in Windows 11 Permission Architecture Silently Consumes Hundreds of Gigabytes of Local Storage
Apple Advances Late-Stage Operating Systems with Fourth Beta Deployments
Global Crisis Alert: Escalating Middle East Tensions and UK Political Upheaval
UK Parliament Pushes for Greater Domestic Control Over Critical Technologies
UK Parliament Warns Trade Fair and Exhibition Industry Is Losing Global Competitiveness
Police Launch Murder Investigation After Mother and Two Children Found Dead Near Bedford
British Chambers of Commerce Survey Shows Business Confidence Falls to Post-Pandemic Low
UK Parliament Report Warns Britain Risks Falling Behind in Artificial Intelligence Sovereignty
Office for Budget Responsibility Warns United Kingdom Faces Long-Term Fiscal Pressures
Nigel Farage Resigns as Member of Parliament Amid Financial Scrutiny and Triggers By-Election
Deep Purple Has Released Its Best Album in Decades
UK MPs Criticise Student Loan System as Potentially Mis-Sold to Millions of Borrowers
Policy Groups Propose Bank of England-Backed Solar Loan Scheme for Millions of Homes
UK Health Agency Issues Amber Heat Alerts Across Six Regions as Temperatures Rise
Royal Air Force F-35 Jets Conduct First High North Air Policing Missions From Aircraft Carrier
Major UK Companies Join Government Cybersecurity Pledge Amid Rising Digital Threats
UK Sanctions Russian Operatives Linked to Chemical Weapons Programmes and Poisoning Cases
×