Cross-browser tracking vulnerability compromises user anonymity