Latest coverage for Firefox
Stay informed on Firefox security updates, vulnerabilities, and privacy enhancements with the latest in information security news and expert analysis.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Firefox is an open-source web browser developed by Mozilla. It executes untrusted web content using security boundaries such as the same-origin policy and sandboxing, while providing protections against deceptive sites, downloads, and unwanted tracking. Its extension system also allows third-party code to access browser data or modify pages, depending on the permissions granted.
For security teams, browser vulnerabilities matter because a malicious or compromised website can exploit flaws to achieve code execution, bypass isolation, or steal information; exploitation risk depends on the specific defect and the deployed configuration. Vulnerability management therefore includes monitoring Mozilla security advisories, testing and rapidly deploying updates, and using the Extended Support Release where its slower feature cadence suits managed environments. Administrators should control extensions, apply enterprise policies, and treat privacy settings and browsing data as part of endpoint security and incident investigation.
Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows
Russia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit.
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems
Firefox and Windows zero-days exploited by Russian RomCom hackers
Russian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America. [...]