Brave Software: Brave Shields Domain Reordering Leads to Origin Confusion

The Brave Shields feature was observed to reorder domain names, leading to potential origin confusion. Specifically, the domain "1.attacker.com" was displayed as "attacker.com.1", and "1.1.1.1.attacker.com" was displayed as "attacker.com.1.1.1.1". This behavior could potentially mislead users abo...

Brave Software: Brave Android: Incorrect URL Eliding in Brave Shields Pop Up

A vulnerability was discovered in the Brave Android browser where the URL was not properly elided from the front when displayed in the Brave Shields pop-up. This could have led to URL confusion or spoofing for users. The issue was not present in the desktop version of Brave...

Brave Software: Persistent user tracking is possible using window.caches, by avoiding Brave Shields

A vulnerability was discovered in Brave for iOS version 1.41.1 that allowed for persistent user tracking using window.caches, even when Brave Shields were enabled to block cookies. This could potentially allow for user tracking without their consent or knowledge...