New Spectre attack enables secrets to be leaked over a network
It’s no longer necessary to run attacker code on the victim system. When the Spectre and Meltdown attacks were disclosed earlier this year, the initial exploits required an attacker to be able to run code of their choosing on a victim system. This made browsers vulnerable, as suitably crafted JavaScript could be used to perform Spectre attacks. […]