Meltdown/Spectre and the Web
The recently-released Meltdown and Spectre CPU timing attacks affect virtually every user in some way; the consequences are profound. There are plenty of good write-ups on the topic, so I don’t feel the need to re-iterate the technical details here. (See an easily digestible one from the Raspberry Pi project, and an in-depth analysis from Project Zero.)
What I do want to draw attention to is that these attacks are exploitable via web browsers.