Security news aggregator

Latest coverage for Firefox

Stay informed on Firefox security updates, vulnerabilities, and privacy enhancements with the latest in information security news and expert analysis.

27 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Firefox is an open-source web browser developed by Mozilla. It executes untrusted web content using security boundaries such as the same-origin policy and sandboxing, while providing protections against deceptive sites, downloads, and unwanted tracking. Its extension system also allows third-party code to access browser data or modify pages, depending on the permissions granted.

For security teams, browser vulnerabilities matter because a malicious or compromised website can exploit flaws to achieve code execution, bypass isolation, or steal information; exploitation risk depends on the specific defect and the deployed configuration. Vulnerability management therefore includes monitoring Mozilla security advisories, testing and rapidly deploying updates, and using the Extended Support Release where its slower feature cadence suits managed environments. Administrators should control extensions, apply enterprise policies, and treat privacy settings and browsing data as part of endpoint security and incident investigation.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 27 Filtered view

The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million users of Google Chrome, Microsoft Edge, and Mozilla Firefox

As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web applications accessed via Chrome, Edge, Firefox, and other browsers. One particularly fast-evolving adversary, Scattered Spider, has made it their mission to wreak havoc on enterprises by specifically targeting

The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems

Loading more headlines...