Safari AutoFill Exploit Hands Out All Your Contact Info by Default
Security expert and blogger Jeremiah Grossman uncovered a disturbing exploit in Safari 4 and 5. Enabled by default, Safari’s AutoFill feature uses information from your Address Book card to automatically fill information in web forms. Handy in theory, but a web site with malicious intent can fairly easily get that information without the user ever entering anything into the site.
If you’re a Safari user, you’ll probably want to make sure to turn off AutoFill now. You can read more about the exploit here.