Exploiting Localhost APIs From The Browser - Zero-Day Vulnerability and Attack Techniques

Watch a DEFCON 32 conference talk exploring a groundbreaking zero-day vulnerability in Chrome and other browsers that enables attackers to exploit localhost APIs. Learn about novel browser-based attack techniques targeting developers and employees behind firewalls through a live demonstration and attack simulation. Discover how this security flaw exposes ports on the localhost network interface, potentially leading to remote network attacks. Follow along with a real-world example showing remote code execution on a popular open-source data engineering platform that operates on localhost, serving millions of users. Gain deep technical insights into this newly discovered vulnerability and its implications for organizational security through this first-ever comprehensive analysis.