Safari Flaw Lets Sites Harvest Personal Info

A security researcher uncovered a flaw in Apple's Safari Web browser that allows Internet sites to harvest personal information from visitors. The flaw, which exploits the Web browser's "auto-fill" capabilities, allows Web sites to scrape information like the name, e-mail, address, phone number and place of work of the person who uses the computer, which many Macintosh users store in their digital address books.