Threat actors may take advantage of security vulnerabilities and inherent functionality in browser software to change content, modify user-behaviors, and intercept information as part of various browser session hijacking techniques.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.