RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chai… Continue reading RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Firefox Gets More Investment in New Features, Prioritizing People (and Privacy) Over Profit

On its 20th anniversary, Firefox “is still going strong, and it is a better browser today than it ever was,” according to TechCrunch.

In an interview, Mozilla’s interim CEO says one of the first things they did when was to “unlock a bunch of money to… Continue reading Firefox Gets More Investment in New Features, Prioritizing People (and Privacy) Over Profit

This Week in Security: The Internet Archive, Glitching With a Lighter, and Firefox In-the-wild

The Internet Archive has been hacked. This is an ongoing story, but it looks like this started at least as early as September 28, while the site itself was showing …read more Continue reading This Week in Security: The Internet Archive, Glitching With a Lighter, and Firefox In-the-wild

Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)

Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About CVE-2024-9680 Reported by ESET malware researcher Damien Schaeffer, CVE-2024-9680 is a… Continue reading Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)