cross-posted from: https://lemmy.pe1uca.dev/post/142289

The bug allows attackers to swipe data from a CPU’s registers. […] the exploit doesn’t require physical hardware access and can be triggered by loading JavaScript on a malicious website.