Security News
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as...
Mozilla has issued an emergency security update for the Firefox browser to address a critical use-after-free vulnerability that is currently exploited in attacks. [...]
European digital rights group NOYB (None Of Your Business) has filed a privacy complaint with the Austrian data protection watchdog (DSB) against Mozilla, alleging the company uses a Firefox...
Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new...
A "0.0.0.0-Day" vulnerability affecting Chrome, Safari and Firefox can be - and has been - exploited by attackers to gain access to services on internal networks, Oligo Security researchers have revealed. The vulnerability stems from how those popular browsers handle network requests from external, public websites, and may allow attackers to change settings, gain access to protected information, uploading malicious models, or even achieve remote code execution.
A vulnerability disclosed 18 years ago, dubbed "0.0.0.0 Day", allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact with services on a local...
Mozilla is following in Google Chrome's footsteps in officially distrusting Entrust as a root certificate authority following what it says was a protracted period of compliance failures. Entrust has apologized to Google, Mozilla, and the wider web community, outlining its plans to regain the trust of browsers, but these appear to be unsatisfactory to both Google and Mozilla.
Mozilla Firefox finally allows you to further protect local access to stored credentials in the browser's password manager using your device's login, including a password, fingerprint, pin, or other biometrics. To be clear, this new feature does not protect against information-stealing malware but rather prevents people with physical or remote access to the device from using the stored credentials without first authenticating with the device.
A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution. Tracked as CVE-2024-34359 (CVSS...
Google has rolled back a recent release of its reCaptcha captcha script after a bug caused the service to no longer work on Firefox for Windows. Yesterday, BleepingComputer received multiple reports that reCaptcha stopped working in the latest version of Mozilla Firefox, with the issues also reported on Twitter and Reddit.