Over the past 18 years, major browsers like Safari, Google Chrome, and Mozilla Firefox have done this hackers infiltrating private networksIt was revealed that it contained a critical security issue that made this possible. This vulnerability is caused by a vulnerability called “0.0.0.0-log” and the browsers are reportedly taking steps to finally fix this issue.

Cybersecurity initiative OligoAccording to research by , searches for the IP address 0.0.0.0 are processed by browsers by mistakenly redirecting them to other IP addresses. This vulnerability allows hackers to infiltrate home and corporate networks and gain access to confidential data. Apple, Google and MozillaMozilla Inc. is developing several mitigation plans for this vulnerability, but Mozilla’s fix is ​​not yet complete.

Oligo Cyber ​​​​Security Company: New Way to Infiltrate Internal Network Through Browsers Revealed

Gal Elbaz, co-founder of Oligo Security, and AI security researcher Avi Lumelsky made the following statements about using localhost APIs from within the browser: “Browser-based attacksis nothing new in the malicious attack pattern landscape. Browsers remain a popular penetration method for attackers. While ostensibly local, services running on localhost are exposed to the browser thanks to a flaw we found, exposing ports on the localhost network interface and leaving the door open for remote network attacks.

In this live demo and attack simulation, a zero-day attack is performed on Chrome and other browsers. security errorWe will explain (responsibly disclose) how we used the 0-day vulnerability to target developers behind firewalls. An extremely popular platform serving millions of people in the data engineering ecosystem, running on localhost. open source platformWe will also demonstrate remote code execution.

In our talk we present new attack techniques that target developers and employees in an organization behind firewalls. “This is the first time we are going to investigate this newly discovered zero-day vulnerability in detail.”

Are users vulnerable to danger?

Fixing this critical vulnerability is considered an important step in browser security. While Apple is offering an update to close this vulnerability in the macOS 15 Sequoia beta, Google is expected to release a similar update. However, the fact that Mozilla has not yet developed a fix for Firefox leaves users vulnerable to this danger. Researchers stress that the 0.0.0.0-log vulnerability is a problem that has been ignored for many years and that the remediation process should be completed quickly.

These major developments in browser security are very important for protecting user data and increasing safety on the Internet. We can say that by eliminating these weaknesses, the goal is to provide a safer Internet environment against cyber threats.