Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows
Russia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks
Mozilla develops Firefox and related internet technologies, with vulnerability disclosures and security updates relevant to browser security and safety.
Search across headline titles and summaries.
Background for this topic.
Mozilla is an open-source software organization best known for developing Firefox and related internet technologies. Its security relevance centers on software that parses untrusted web content: browsers expose users to malicious sites, crafted documents, extensions, and vulnerable dependencies, so flaws in rendering, JavaScript, networking, or privilege boundaries can have serious consequences.
Mozilla publishes security advisories for Firefox and maintains release channels including Extended Support Release (ESR), providing data for vulnerability and patch management. High-severity bugs may enable code execution, sandbox escape, credential theft, or privacy exposure, although severity alone does not prove exploitation. Practitioners should track advisories and affected versions, prioritize updates, restrict untrusted extensions, and apply enterprise policies where appropriate. Firefox privacy controls, including tracking protection and anti-fingerprinting features, reduce some collection and profiling but do not replace endpoint hardening or secure identity practices.
Russia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks
ESET Discovers Two Major Vulnerabilities Exploited by Russian RomCom Hacking GroupTwo vulnerabilities in Mozilla products and Windows are actively exploited by RomCom, a Kremlin-linked cybercriminal group known for targeting businesses and conducting espionage, warn security researchers from Eset. Exploiting the two flaws together enables attackers to execute arbitrary code.
The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems