This post explains how a malicious hacker can exploit a CSRF vulnerability in the Yandex browser that would allow them to get hold of the victim’s confidential browsing data, including bookmarks, browsing history and also saved usernames and passwords.