Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws
Mozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published
Mozilla develops Firefox and related internet technologies, with vulnerability disclosures and security updates relevant to browser security and safety.
Search across headline titles and summaries.
Background for this topic.
Mozilla is an open-source software organization best known for developing Firefox and related internet technologies. Its security relevance centers on software that parses untrusted web content: browsers expose users to malicious sites, crafted documents, extensions, and vulnerable dependencies, so flaws in rendering, JavaScript, networking, or privilege boundaries can have serious consequences.
Mozilla publishes security advisories for Firefox and maintains release channels including Extended Support Release (ESR), providing data for vulnerability and patch management. High-severity bugs may enable code execution, sandbox escape, credential theft, or privacy exposure, although severity alone does not prove exploitation. Practitioners should track advisories and affected versions, prioritize updates, restrict untrusted extensions, and apply enterprise policies where appropriate. Firefox privacy controls, including tracking protection and anti-fingerprinting features, reduce some collection and profiling but do not replace endpoint hardening or secure identity practices.
Weekly headline count for the current query.
Mozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla
Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence (GenAI) features
The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million users of Google Chrome, Microsoft Edge, and Mozilla Firefox
A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject tracking code, and commit click and ad fraud
Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users' digital assets at risk
Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution
Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day
Browser maker Mozilla is urging users to update their Firefox instances to the latest version to avoid facing issues with using add-ons due to the impending expiration of a root certificate
Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users
The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild
Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy Preserving Attribution (PPA) without explicitly seeking users' consent
Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser
Mozilla has announced that some add-ons may be blocked from running on certain sites as part of a new feature called Quarantined Domains
An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "serious loopholes" that allow apps to provide misleading or outright false information
A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018
A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018
The Donot Team threat actor has updated its Jaca Windows malware toolkit with improved capabilities, including a revamped stealer module designed to plunder information from Google Chrome and Mozilla Firefox browsers
A malicious browser extension with 350 variants is masquerading as a Google Translate add-on as part of an adware campaign targeting Russian users of Google Chrome, Opera, and Mozilla Firefox browsers