The Hacker News · Jun 9, 2026 09:50 UTC

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

Summary

A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt. You open the page, leave the tab sitting there, and it watches the drive for contention in the background. Researchers at Graz University of Technology built it and

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

Original reporting

Related coverage

Ethereum hits 68 percent retracement from peak amid weak RSI

U.S. alcohol guidelines omitted risks from commissioned study

Trump booed ‘thunderously’ at NBA Finals: What we know

Stocks recover after tech sell-off but caution remains

What Andy Rooney Might Say About 60 Minutes' Downfall

Grab a huge $550 saving on this 4K-ready gaming PC with an RTX 5070 and 7800X3D right now — just $1,449 for this liquid-cooled iBuyPower rig with 16GB DDR5 and a 1TB SSD

U.S.-Canada bridge set to open despite prior opposition