The "line of death", where the browser UI splits between trusted UI elements and UI controlled by the website.
Also argues that HTTP warnings are better than HTTPS padlocks, because there's incentive to spoof padlocks lower on the page.
https://emilymstark.com/2022/12/18/death-to-the-line-of-death.html