Security expert and blogger Jeremiah Grossman uncovered a disturbing exploit in Safari 4 and 5. Enabled by default, Safari's AutoFill feature uses information from your Address Book card to automatically fill information in web forms. Handy in theory, but a web site with malicious intent can fairly easily get that information without the user ever entering anything into the site. More »
