I actually think escaping the browser is a huge leap and a frequently a primary goal for a black hat. Eg someone trying to install ransomware, or a spy targeting a specific person or org.
From outside the browser they can exploit kernel bugs to elevate their privilege; and they can probe the network to attempt to move laterally in the org.
So while I think your comment is thoughtful, its thoughtfulness made me think of agreeing with the opposite :-)
From outside the browser they can exploit kernel bugs to elevate their privilege; and they can probe the network to attempt to move laterally in the org.
So while I think your comment is thoughtful, its thoughtfulness made me think of agreeing with the opposite :-)