Once upon a time, all your work was done with applications running on an O/S. Many times it was found that weaknesses in the O/S permitted the underhand installation of nasty things that could compromise your applications. Over many years O/S security was improved until such things became, largely, a thing of the past.
Then we moved all your work into the browser...(!)
Rinse, repeat ad nauseum.
See also: Failing to learn from your own mistakes / Who could possibly have seen that coming? / etc.