I use a browser exclusively to crypto related stuff, and for now it is brave. I am thinking about moving to Edge due to loading times and performance overall. I didn't know that brave could have security issues, but I wouldn't doubt it. Brave is a very small project which gained a lot of visibility due to BAT (which is a great idea btw, but poorly executed).
Imo, BAT could just be a browser add-on that reward users in BTC without any KYC.
I installed for the first time and I didn't use it much. One month after installation, I registered on one gambling website to make an investment using Brave browser with the thought that it is safe, and it is clean because it is freshly installed and unused. I didn't get to activate 2FA on the casino account, and after a few days, someone closes my investment and withdraw funds. In logs, there is only access from my IP address, also from the casino side (as his support says). None of my other accounts, email addresses (related to many exchange accounts, Bitcointalk account ...), wallets etc... was touched except this from Brave browser (mostly preserved user and pass in browser).
so only Brave browser is compromised. I tested a few days, many things with many tools and I haven't find anything suspicious.
btw I opened a new account on the same casino, and make a new investment, of course out of Brave, and everything is normal and without security problems.
About his rewards, if you research, you will see them being accused of using affiliate links there, like AAX exchange. ??
Also more interesting things about Brave https://www.publish0x.com/everything-cryptocurrency2/brave-browser-is-tracking-you-and-35089877-is-the-proof-upda-xjjodjn?a=joQeZJepZV&tid=htacc