Chrome Cookie Encryption Bypassed: “C4 Attack” Exploits Padding Oracle to Steal Cookies