Egghead says Apple has yet to patch spoofing vulnerability
A security researcher has disclosed a bug that could be abused to spoof website addresses in either Edge or Safari. Rafay Baloch told The Register that while Microsoft has since patched the flaw (CVE-2018-8383) in its browser, Apple has been dragging its feet on a fix for Safari for weeks, and the browser remains vulnerable. The vulnerability is the result of what Baloch describes as a race condition that would potentially allow the attacker to start loading a legit page, causing the page's addr...