A new technique called FROST (fingerprinting remotely using OPFS-based SSD timing) enables websites to spy on visitors by analyzing subtle interactions with their solid-state drives. The method, detailed in a research paper, exploits a side channel that leaks information through physical manifestations such as the time required to complete a task. By measuring these timing variations, attackers can infer which other sites a visitor is viewing and what applications are open on their device.

The technique leverages the OPFS (Origin Private File System) API, which is designed to provide web applications with high-performance file access. Researchers discovered that the timing of SSD operations can be measured through this API, creating a side channel that reveals contention for storage resources. When multiple processes access the SSD simultaneously, the resulting delays can be detected and used to infer activity on the device.

FROST represents a significant evolution in browser-based tracking methods. For decades, websites have employed various covert techniques to track visitors, including browser fingerprinting, keystroke logging, and mouse movement analysis. Even major companies like Meta and Yandex have been caught engaging in privacy-invasive tracking. The new SSD-based approach adds another dimension to these surveillance capabilities.

The attack works by measuring the time it takes to perform read and write operations on the SSD through the OPFS API. When a user visits multiple sites or runs multiple applications, the SSD experiences contention as it handles concurrent requests. By analyzing the timing patterns of these operations, a malicious website can determine what other sites are open in the browser or what native applications are running on the system.

Researchers demonstrated that FROST can achieve high accuracy in identifying specific websites and applications. The technique does not require any special permissions or user interaction beyond visiting a webpage. It works across different browsers that support the OPFS API, including Chrome, Edge, and Opera. The attack is particularly effective on systems with NVMe SSDs, which have more predictable timing characteristics.

The discovery raises significant privacy concerns, as users have no easy way to prevent this type of tracking. Unlike cookies or browser fingerprinting, SSD timing attacks cannot be blocked by traditional privacy tools like ad blockers or anti-tracking extensions. The only mitigation currently available is to disable the OPFS API entirely, which would break legitimate web applications that rely on it.

The research paper was presented at a security conference and has been shared with browser vendors. Google and Microsoft have been notified of the vulnerability, but no patches have been released yet. The researchers recommend that users remain cautious about which websites they visit and consider using separate browser profiles for different activities to reduce the risk of cross-site tracking.

As of now, there is no easy fix for FROST. The technique exploits fundamental characteristics of SSD storage that cannot be easily changed without affecting performance. Browser vendors may need to implement timing obfuscation or limit the precision of OPFS timing measurements to mitigate the attack. Until such measures are deployed, users are advised to be aware that their SSD activity can be monitored by websites.

Federal prosecutors have charged a Google engineer with insider trading, accusing him of using non-public information to profit from bets placed on the prediction market platform Polymarket. The charges, filed in a U.S. district court, allege the engineer made approximately $1.2 million through a series of wagers tied to Google's internal data.

According to the criminal complaint, the engineer risked more than $2.7 million on bets related to Google's 2025 Year in Search campaign. The campaign, which highlights trending search queries, relies on proprietary data not available to the public. Authorities say the engineer accessed this confidential information as part of his role at the company.

The complaint details how the engineer allegedly used his knowledge of upcoming search trends to place bets on Polymarket, a platform that allows users to wager on the outcomes of real-world events. The bets were structured around which topics or phrases would appear in the Year in Search list, giving the engineer an unfair advantage over other traders.

Prosecutors claim the engineer executed the trades through multiple accounts to avoid detection. The scheme reportedly spanned several months, with the engineer placing bets on various categories within the campaign. The total amount wagered exceeded $2.7 million, with net profits reaching $1.2 million.

The case marks one of the first instances of insider trading charges involving a prediction market. Polymarket, which has grown in popularity for its political and event-based betting, has faced scrutiny over potential market manipulation and insider trading. The platform has stated it cooperates with law enforcement and has implemented measures to prevent such activities.

Google has confirmed it is cooperating with the investigation. The company said the engineer has been suspended pending the outcome of the legal proceedings. Google emphasized its commitment to protecting confidential information and stated it has strict policies against insider trading.

The engineer faces charges of securities fraud and wire fraud, each carrying potential prison sentences of up to 20 years. A court date has not yet been set. The case is being prosecuted by the U.S. Attorney's Office for the Southern District of New York.

7-Eleven has confirmed a data breach that exposed the personal information of over 185,000 individuals. The incident was disclosed in a filing with the state government, detailing the types of data compromised. Affected data includes names, dates of birth, postal addresses, and Social Security numbers, according to the filing.

The breach was discovered during a routine security review, the company stated. 7-Eleven has not yet disclosed the exact method of the breach or how long the attackers had access to the systems. The company is working with law enforcement and cybersecurity experts to investigate the incident.

Customers whose data was compromised are being notified by mail. 7-Eleven is offering affected individuals free credit monitoring and identity theft protection services for a period of one year. The company has also set up a dedicated call center to answer questions from concerned customers.

The breach appears to have targeted a specific database containing personal information. 7-Eleven has since implemented additional security measures to prevent future incidents. The company urged customers to remain vigilant and monitor their financial accounts for suspicious activity.

This incident adds to a growing list of data breaches affecting major retailers. 7-Eleven operates over 70,000 stores globally, though the breach appears to be limited to its U.S. operations. The company has not disclosed the exact number of affected stores or the timeframe of the breach.

7-Eleven has not yet provided a timeline for when the breach occurred or when it was first detected. The company stated that it is cooperating fully with authorities and will provide updates as the investigation progresses. Customers are advised to change their passwords and enable two-factor authentication on their accounts.

The company emphasized that it takes data security seriously and apologized for the inconvenience caused. 7-Eleven is reviewing its security protocols and investing in additional safeguards to protect customer data. The breach is a reminder for consumers to regularly monitor their personal information for signs of misuse.

An Israeli cybersecurity firm has identified Iranian government-backed hackers as the perpetrators behind a series of data breaches attributed to the fake hacktivist persona 'Ababil of Minab'. The breaches began after the start of the war in Iran, according to the firm's report. The Los Angeles transit system was among the targets, suffering a breach that took weeks to fully recover from.

The hackers, operating under the guise of hacktivists, have claimed responsibility for multiple data breaches since the conflict began. The Israeli firm's analysis traced the attacks back to Iran's government, linking the persona to state-sponsored cyber operations. The Los Angeles transit system breach disrupted services and required extensive recovery efforts.

The transit system did not immediately comment on the attribution, but officials previously acknowledged the breach and the prolonged recovery process. The hackers claimed to have stolen sensitive data, though the extent of the compromise remains unclear. The Israeli firm's report provides technical evidence connecting the attacks to Iranian state actors.

Ababil of Minab first emerged as a hacktivist group claiming to target Israeli and Western entities. However, the cybersecurity firm's investigation revealed that the group's operations align with known Iranian cyber espionage tactics. The Los Angeles transit system breach is one of several incidents attributed to this group since the war began.

The recovery process for the transit system involved restoring systems and securing networks, taking weeks to complete. Officials have not disclosed the full impact on operations or passenger data. The Israeli firm's findings underscore the ongoing threat of state-sponsored cyber attacks disguised as hacktivism.

The breach highlights the vulnerability of critical infrastructure to sophisticated cyber attacks. The Los Angeles transit system has since implemented additional security measures to prevent future incidents. The Israeli firm continues to monitor Ababil of Minab's activities, warning that further attacks are likely.

The attribution of the breach to Iranian hackers adds to tensions between Iran and Western nations. The Israeli firm's report has been shared with relevant authorities. The Los Angeles transit system has not confirmed the attribution but has cooperated with cybersecurity experts to address the breach.

As of now, the transit system has fully recovered from the breach, with no further disruptions reported. The Israeli firm's analysis provides a detailed account of the hackers' methods and connections. The incident serves as a reminder of the persistent cyber threats facing public infrastructure.