
Session cookie theft: how Chrome's DBSC protects you — and where extensions still get in
Chrome 146's Device Bound Session Credentials make stolen session cookies useless on another machine. How DBSC works and the gap extensions still exploit.
Maxim Kosterin
9 min read