December 2, 2024 at 05:41PM Mozilla is testing a new setup screen for Firefox that encourages users to set it as their default browser during installation. This approach, which includes default options for pinning to the taskbar and data import, aims to enhance user onboarding and increase adoption amid competition from Google and Microsoft. ### … Read more
November 26, 2024 at 04:44PM In October, Russian hackers exploited two zero-day vulnerabilities affecting Firefox and Windows, allowing them to deploy malicious code via infected websites. The vulnerabilities were swiftly patched, limiting potential damage, primarily impacting targets in North America and Europe. The attackers utilized fake domains related to IT services to spread the malware. … Read more
November 26, 2024 at 06:28AM The Russian-based RomCom cybercrime group exploited two zero-day vulnerabilities targeting Firefox and Tor Browser users, allowing remote code execution without user interaction. Their attacks, focusing on organizations in Ukraine, Europe, and North America, utilized a malicious website to deploy the RomCom backdoor, indicating sophisticated capabilities and targeted espionage motives. ### … Read more
October 14, 2024 at 09:15AM Tor browser version 13.5.7 is being released to address a zero-day vulnerability that was recently exploited, highlighting security concerns for Tor users related to Firefox. The update aims to enhance protection against such threats. **Meeting Takeaways:** 1. **Tor Browser Update**: Version 13.5.7 of the Tor browser is being rolled out. … Read more
August 7, 2024 at 04:24AM Mozilla and Google released updates for their web browsers, patching a total of 20 vulnerabilities. Google’s Chrome version 127.0.6533.99 fixed six vulnerabilities of various severity, including a critical out-of-bounds memory access issue. Meanwhile, Mozilla’s Firefox version 129 addressed 14 vulnerabilities, 11 of which are rated as high severity. Both companies … Read more
March 25, 2024 at 11:04AM Mozilla quickly patched two critical Firefox zero-day vulnerabilities after they were demonstrated by researcher Manfred Paul at the Pwn2Own event in Vancouver. The bugs, rated “critical,” allowed for out-of-bounds read/write and privileged code execution. Mozilla released Firefox 124.0.1 to address the vulnerabilities, with some users encountering upgrade issues. Paul earned … Read more
March 25, 2024 at 06:18AM Mozilla has released updates for the Firefox browser to fix two zero-day vulnerabilities that were exploited at the Pwn2Own Vancouver 2024 hacking contest. The first vulnerability allows for bypass of range analysis, while the second issue leads to a sandbox escape. Both vulnerabilities are considered critical and were patched in … Read more
March 22, 2024 at 01:52PM Mozilla released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition. Manfred Paul earned $100,000 and 10 Master of Pwn points after exploiting the flaws. Mozilla quickly patched the vulnerabilities in Firefox 124.0.1 and Firefox ESR 115.9.1 to prevent … Read more
January 25, 2024 at 06:48AM Mozilla announced security updates for Firefox and Thunderbird to patch 15 vulnerabilities, including five high-severity flaws. The first flaw could allow memory corruption and potential denial of service or execution of arbitrary code. Other issues include failure to update user input timestamp, unchecked return value in TLS handshake code, and … Read more
December 21, 2023 at 06:06AM Mozilla has revised its position to implement Trusted Types in its Firefox browser, aiming to decrease web attacks relying on injected code. This technology addresses DOM-XSS, reducing the common vulnerability. Still undergoing technical improvements, it’s expected to enhance web security when widely adopted. Tech giants like Google, Meta, and Microsoft … Read more