- 12:40
- -
- 13:10
What if a user could unlock premium content, get admin privileges, or skip your paywall — all with just a browser console?
In modern frontend development, we rely on browser storage for user experience, performance, session management, and more. But those same tools — localStorage, cookies, sessionStorage, and friends — can open the door to real-world security breaches.
This talk exposes the hidden risks of client-side storage through real examples of how attackers (and sometimes just curious users) took advantage of sloppy storage handling to hijack apps, steal data, and bend logic in unexpected ways.
No advanced skills required. Sometimes, all it takes is DevTools and a spare minute.
And with AI becoming part of our frontends — the attack surface is only growing.
By the end, you’ll probably rush to check what your app is leaving behind in your users’ browsers.
Hila Kraisler is a Principal Software Engineer and Front-End Tech Lead at CyberArk.
She has over a decade of experience in front-end development and is passionate about mentoring and knowledge sharing.
She writes technical blog posts and actively supports women in tech. Hila is the co-founder and co-leader of CyberArk's technical women community, which fosters growth and collaboration among female professionals.