Fullscreen API

SquareX warns of a new “Browser in the Middle” phishing technique using fake fullscreen login pop-ups to steal credentials. Exploiting browser vulnerabilities in Chrome, Edge, and Safari, attackers create convincing illusions. Safari is at highest risk due to a lack of visual warnings during the transition to fullscreen mode.