Mozilla warns UK: Breaking VPNs will not magically fix Britain's age-check mess
Firefox maker says the tools are basic security infrastructure, not teenage contraband
Mozilla develops Firefox and related internet technologies, with vulnerability disclosures and security updates relevant to browser security and safety.
Search across headline titles and summaries.
Background for this topic.
Mozilla is an open-source software organization best known for developing Firefox and related internet technologies. Its security relevance centers on software that parses untrusted web content: browsers expose users to malicious sites, crafted documents, extensions, and vulnerable dependencies, so flaws in rendering, JavaScript, networking, or privilege boundaries can have serious consequences.
Mozilla publishes security advisories for Firefox and maintains release channels including Extended Support Release (ESR), providing data for vulnerability and patch management. High-severity bugs may enable code execution, sandbox escape, credential theft, or privacy exposure, although severity alone does not prove exploitation. Practitioners should track advisories and affected versions, prioritize updates, restrict untrusted extensions, and apply enterprise policies where appropriate. Firefox privacy controls, including tracking protection and anti-fingerprinting features, reduce some collection and profiling but do not replace endpoint hardening or secure identity practices.
Weekly headline count for the current query.
Firefox maker says the tools are basic security infrastructure, not teenage contraband
Yet it remains unclear if Anthropic's uber model was effective, or if better model middleware is what makes the difference
Mozilla CTO says AI means developers finally have a chance to get on top of security The Mozilla has revealed it tested Anthropic’s bug-finding “Mythos” AI model and feels the results it experienced represent a watershed moment for software defenders.…
Esra'a Al Shafei spoke with The Reg about the spy tech 'global trade' interview Digital rights activist Esra'a Al Shafei found FinFisher spyware on her device more than a decade ago. Now she's made it her mission to surveil the companies providing surveillanceware, their customers, and their funders.…
PLUS: Judge spanks NSO; Mozilla requires data use disclosures; TARmageddon meets Rust; And more! Infosec In Brief Former basketball star Shaquille O'Neal is 7'1" (215 cm), and therefore uses car customization companies to modify vehicles to fit his frame. But it appears cybercriminals have targeted Shaq’s preferred motor-modder.…
Lucky few randomly selected to trial the feature, which won't fully roll out for several months Mozilla is working on a built-in VPN for Firefox, with beta tests opening to select users shortly.…
Devs told to exercise 'extreme caution' with emails disguised as account update prompts Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.…
Few websites actually respect the option, says Mozilla When Firefox 135 is released in February, it'll ship with one less feature: Mozilla plans to remove the Do Not Track toggle from its Privacy and Security settings. …
Firefixed: It's maintenance time for low-complexity, high-impact security flaw It's patch time for Firefox fans as Mozilla issues a security advisory for a critical code execution vulnerability in the browser.…
Can't reach someone's private server on localhost from outside? No problem A years-old security oversight has been addressed in basically all web browsers – Chromium-based browsers, including Microsoft Edge and Google Chrome, WebKit browsers like Apple's Safari, and Mozilla's Firefox.…
Sectigo bosses claim it's only a matter of time before Microsoft and Apple drop Big E from their root stores too After falling down in the estimations of major browser makers Google and Mozilla, Entrust faces a lengthy fight on its hands to regain industry trust and once more issue trusted TLS certificates.…
Compliance failures and unsatisfactory responses mount from the long-time certificate authority Mozilla is following in Google Chrome's footsteps in officially distrusting Entrust as a root certificate authority (CA) following what it says was a protracted period of compliance failures.…
Users may have to upgrade twice to protect their browsers Mozilla has swiftly patched a pair of critical Firefox zero-days after a researcher debuted them at a Vancouver cybersec competition.…
Firefox maker promises to lean on personal info brokers to scrub records Mozilla on Tuesday expanded its free privacy-monitoring service with a paid-for tier called Mozilla Monitor Plus that will try to get data brokers to delete their copies of subscribers' personal information.…
DOM-XSS attacks have become scarce on Google websites since TT debuted Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser.…
SUSE security engineer goes public on unfixed problem after disclosure drama A security engineer at Linux distro maker SUSE has published an advisory for a flaw in the Mozilla VPN client for Linux that has yet to be addressed in a publicly released fix because the disclosure process went off the rails.…
Protests planned for Wednesday in San Francisco and Denver A coalition of 90-plus groups, including Fight for the Future and Mozilla, will descend upon Slack's offices in San Francisco and Denver on Wednesday to ask on the collaboration app to protect users' conversations via end-to-end encryption (E2EE).…
Also, a Capone henchman lands behind bars, while nearly 9/10 DoD contract firms fail security standards In brief Certificate Authority TrustCor responded to its ejection from Mozilla and Microsoft's browsers by offering refunds for some customers, while leaving others to pick up the mess on their own.…
'There is no evidence to suggest that TrustCor violated conduct, policy, or procedure' says biz Mozilla and Microsoft have taken action against a certificate authority accused of having close ties to a US military contractor that allegedly paid software developers to embed data-harvesting malware in mobile apps.…
Scary in post-Roe America, and Poland, and far too many other places It's official: your period and/or pregnancy tracker will probably share your data with law enforcement. And they might even do it on purpose.…