Bleeping Computer
Mozilla fixes Firefox bug letting you get Windows admin privileges
Mozilla released a security update to address a high severity privilege escalation vulnerability found in the Mozilla Maintenance Service.
Latest Hacking News
Mozilla Rolls Out Total Cookie Protection On Firefox By Default
After initial release as an optional Firefox feature, Mozilla has now rolled out its ‘Total Cookie Protection” feature by default. Mozilla Firefox Total Cookie Protection Announcing the move in a recent post, Mozilla confirms rolling out the
SecurityWeek
Mozilla Patches High-Severity Vulnerabilities in Firefox, Thunderbird
Mozilla has patched high-severity spoofing, privacy and remote code execution vulnerabilities in Firefox and Thunderbird.
ZDNet
Mozilla adding multi-account containers to VPN offering | ZDNet
Mozilla VPN 2.7 will bring into the platform one of Firefox's most popular add-ons.
SecurityWeek
Mozilla Warns of Fake Thunderbird Downloads Delivering Ransomware
Mozilla issues warning over fake Thunderbird downloads after a ransomware group was caught using this technique to deliver malware.
Security Affairs
Mozilla fixed Firefox 0days exploited at Pwn2Own Vancouver 2024
Mozilla addressed two Firefox zero-day vulnerabilities exploited during the Pwn2Own Vancouver 2024 hacking competition.
Cyber Security News
Mozilla Firefox 117: 5 High-Severity Vulnerabilities Patched
With the release of Mozilla Firefox 117, 13 vulnerabilities are patched, including seven 'High Severity' flaws and four memory corruption flaws.
Bleeping Computer
Mozilla drops Firefox support on Amazon Fire TV
This month, Amazon has announced that Mozilla will phase out support for the Firefox web browser app on Amazon's Fire TV product line.
Bleeping Computer
Mozilla Firefox gets built-in Firefox Relay controls
Mozilla has announced the integration of Firefox Relay, an email protection system that helps users evade trackers and spammers, directly into the Firefox browser.
The Record
Mozilla, CISA urge users to patch Firefox security flaw
Mozilla released an advisory this week warning users of a vulnerability affecting its popular web browser and email client.
Bleeping Computer
Mozilla tests Microsoft Bing as the default Firefox search engine
Mozilla is running a study to test users' responses to changing the default Firefox search engine to Microsoft Bing.
ZDNet
Mozilla fixes two critical Firefox flaws that are being actively exploited | ZDNet
Mozilla urges all Firefox users to install updates that address critical security flaws.
Bleeping Computer
Mozilla fixes Firefox, Thunderbird zero-days exploited at Pwn2Own
Mozilla has released security updates for multiple products to address zero-day vulnerabilities exploited during the Pwn2Own Vancouver 2022 hacking contest.
Bleeping Computer
Mozilla stops Firefox fullscreen VPN ads after user outrage
Firefox users have been complaining about very intrusive full-screen advertisements promoting Mozilla VPN displayed in the web browser when navigating an unrelated page.
Bleeping Computer
Mozilla Firefox removes Russian search providers over misinformation concerns
Mozilla has removed the Yandex Search, Mail.ru, and OK.ru default search providers from the Firefox browser over reports of state-sponsored content favored in search results.
ZDNet
Mozilla unveils Total Cookie Protection for Firefox Focus on Android | ZDNet
Mozilla announced that it was adding its strongest privacy protection to date for Firefox Focus users on Android.
Bleeping Computer
Mozilla Firefox 111.0.1 fixes Windows 11 and macOS crashes
Mozilla has addressed issues causing Firefox to crash on macOS and to freeze with a non-responding blank window when starting on Windows 11 systems.
Bleeping Computer
Mozilla tests if 'Firefox/100.0' user agent breaks websites
Mozilla has launched an experiment where they change the Firefox browser user agent to a three-digit "Firefox/100.0" version to see if it will break websites.
CyberNews
Mozilla accuses Apple, Google, and Microsoft of dirty tricks undermining Firefox
Mozilla has accused dominant browser makers – Apple, Google, and Microsoft – of pushing users away from independent tools like Firefox.
Bleeping Computer
Mozilla Thunderbird 91.3 released to fix high impact flaws
Mozilla released Thunderbird 91.3 to fix several high-impact vulnerabilities that can cause a denial of service, spoof the origin, bypass security policies, and allow arbitrary code execution.
Bleeping Computer
Mozilla fixes two Firefox zero-day bugs exploited at Pwn2Own
Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition.
Bleeping Computer
Mozilla: Update Firefox to avoid Netflix, Hulu streaming issues
Mozilla advises Firefox users to update to the latest released version to avoid experiencing video streaming issues after Google updates the Widevine digital rights management (DRM) on May 31.
Bleeping Computer
Mozilla upgrades older Thunderbird clients to the latest version
Mozilla is rolling out a forced upgrade for Thunderbird 78.x users, getting everyone aboard version 91, the latest stable release that came out in August.
Bleeping Computer
Mozilla warns Chrome, Firefox ‘100’ user agents may break sites
Mozilla is warning website developers that the upcoming Firefox 100 and Chrome 100 versions may break websites when parsing user-agent strings containing three-digit version numbers.
Security Affairs
Mozilla addresses two actively exploited zero-day flaws in Firefox
Mozilla fixed two critical actively exploited zero-day bugs in Firefox with the release of 97.0.2, ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0. Mozilla has released Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0 to address a couple of critical zero-day vulnerabilities, tracked as CVE-2022-26485 and CVE-2022-26485, actively exploited in […]
Bleeping Computer
Mozilla Firefox 97.0.2 fixes two actively exploited zero-day bugs
Mozilla has released Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0 to fix two critical zero-day vulnerabilities actively exploited in attacks.
Bleeping Computer
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client.
Bleeping Computer
Google, Microsoft, and Mozilla work together on better browser extensions
Google, Microsoft, Apple, and Mozilla have launched the WebExtensions Community Group (WECG) to collaborate on standardizing browser extensions to enhance both security and performance.
Bleeping Computer
Mozilla blocks malicious add-ons installed by 455K Firefox users
Mozilla blocked malicious Firefox add-ons installed by roughly 455,000 users after discovering in early June that they were abusing the proxy API to block Firefox updates.
Bleeping Computer
Mozilla starts rolling out Site Isolation to all Firefox channels
Mozilla has started rolling out the Site Isolation security feature to all Firefox channels, now also protecting users in the Beta and Release channels from attacks launched via malicious websites.
SecurityWeek
25 Major Car Brands Get Failing Marks From Mozilla for Security and Privacy
Mozilla has analyzed the privacy and security of 25 major car brands and found that they collect a lot of data
SecurityWeek
After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery
After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware.
The Hacker News
Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird
Mozilla is also rushing to fix a zero-day vulnerability (CVE-2023-4863) that is actively exploited in browsers.
-1.webp)
Cyber Security News
Mozilla Zero-Day Vulnerability Exploited in the Wild – Patch Now!
In a race against the clock to protect user security, major browser vendors, including Google and Mozilla, have rushed to release critical updates in response to a critical vulnerability discovered in the WebP Codec.
The Hacker News
New Mozilla Feature Blocks Risky Add-Ons on Specific Websites to Safeguard User Security
Mozilla has introduced a new feature called Quarantined Domains, which blocks certain add-ons on specific sites due to security risks.
The Record
Mozilla: Nearly 80% of Google Play Store apps have discrepancies in privacy reporting
What apps actually do with user data often differs from what companies tell Google Play Store about their policies, a Mozilla study says.
Bleeping Computer
Mozilla flooded with requests after Apple privacy changes hit Facebook
Mozilla volunteers have recently been flooded with requests by online merchants and marketers for their domains to be added to what's called a Public Suffix List (PSL) due to recent privacy changes brought forth by Apple's iOS 14.5.
Bleeping Computer
Mozilla Firefox to roll out DNS over HTTPS for Canadian users
Mozilla has decided to roll out the DNS over HTTPS (DoH) feature by default for Canadian Firefox users later this month. The move comes after DoH has already been offered to US-based Firefox users since 2020.
The Hacker News
2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP!
Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says
SecurityWeek
Mozilla Patches Firefox Zero-Days Exploited at Pwn2Own
Firefox browser updates address two zero-day vulnerabilities, CVE-2024-29943 and CVE-2024-29944, exploited at the Pwn2Own hacking contest.
Naked Security
Mozilla patches Wednesday’s Pwn2Own double-exploit… on Friday!
That was quick! 48 hours from exploit report to published patch.
Latest Hacking News
Mozilla Patched “BigSig” Vulnerability That Affects The NSS Cryptographic Library
A critical BigSig memory corruption bug affected Mozilla's NSS cryptographic library. It affected many NSS-using products, except Firefox.
Bleeping Computer
Mozilla Firefox, the first Chromium alternative in the Windows Store
Firefox is now available for download through Microsoft's Windows Store for Windows 10 and Windows 11 users, the first major web browser to be added after Opera was included in late September.
SecurityWeek
Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape
Firefox and Thunderbird security updates released this week address multiple memory safety bugs in both products.
Krebs on Security
Mozilla Drops Onerep After CEO Admits to Running People-Search Networks
The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move…
Naked Security
S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]
Latest episode – listen now!
Ars Technica
Mozilla plans ground-up UI redesign for Thunderbird email client this July
"Why does Thunderbird look so old, and why does it take so long to change?"
ThreatPost
Mozilla: Lack of Security Protections in Mental-Health Apps Is ‘Creepy’
Popular apps to support people’s psychological and spiritual well-being can harm them by sharing their personal and sensitive data with third parties, among other privacy offenses.
DataBreaches
Mozilla finds mental health apps fail ‘spectacularly’ at user security, data policies
Charlie Osborne reports: An investigation into mental health and prayer apps has revealed a disturbing lack of concern surrounding user security and privacy...
ZDNet
Mozilla finds mental health apps fail 'spectacularly' at user security, data policies | ZDNet
Prayer apps, too, have raised serious security concerns.
Ars Technica
Google and Mozilla are working on iOS browsers that break current App Store rules
Currently, all iOS and iPadOS browsers need to use the same engine as Safari.
ZDNet
Mozilla adds four privacy-centric orgs to Data Futures Lab, awards each with $100,000 | ZDNet
Place Trust, Driver's Seat Cooperative, Drivers Coop and Digital Democracy will get access to a network of experts.
ZDNet
Mozilla rolls out GPC for all Firefox users, but enforcement limited to two states | ZDNet
While all Firefox users will have access to Mozilla's implementation of Global Privacy Control, only users in California and Colorado can hope for enforcement.
Infosecurity News
Mental Health and Prayer Apps Fail the Privacy Test
Mozilla finds most are neither secure nor protect user data
SecurityWeek
Chrome 122, Firefox 123 Patch High-Severity Vulnerabilities
Google and Mozilla resolve high-severity memory safety vulnerabilities with the latest Chrome and Firefox updates.
Infosecurity News
Romantic AI Chatbots Fail the Security and Privacy Test
Mozilla warns of serious security and privacy concerns over romantic chatbots downloaded by 100 million users
SecurityWeek
Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities
Mozilla has released Firefox 115 to the stable channel with patches for two high-severity use-after-free vulnerabilities.
SecurityWeek
High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome
Mozilla and Google have released stable updates for the Firefox and Chrome browsers to address several memory corruption vulnerabilities.
Cyber Security News
2 Firefox Zero-Days Exploited At Pwn2Own : Patch Now
Mozilla addresses two zero-day vulnerabilities that were recently exploited at the Pwn2Own Vancouver 2024 hacking contest in the Firefox
Bleeping Computer
Firefox now shows ads as sponsored address bar suggestions
Mozilla is now showing ads in the form of sponsored Firefox contextual suggestions when U.S. users type in the URL address bar.
Bleeping Computer
Firefox now blocks cross-site tracking by default in private browsing
Mozilla says that Firefox users will be protected against cross-site tracking automatically while browsing the Internet in Private Browsing mode.
Bleeping Computer
Firefox 90 adds enhanced tracker blocking to private browsing
Mozilla has introduced SmartBlock 2.0, the next version of its intelligent cross-site tracking blocking tech, with the release of Firefox 90.
Bleeping Computer
Thunderbird 102 released with highly anticipated features, bug fixes
Mozilla has announced the release of Thunderbird 102, one of the world's most popular open-source email clients with an estimated userbase of over 25 million.
SecurityWeek
Emergency Firefox Update Patches Two Actively Exploited Zero-Day Vulnerabilities
Mozilla over the weekend issued an emergency security update for Firefox to address two zero-day vulnerabilities that have been exploited in attacks.
Bleeping Computer
New Firefox privacy feature strips URLs of tracking parameters
Mozilla Firefox 102 was released today with a new privacy feature that strips parameters from URLs that are used to track you around the web.
Cyber Security News
Firefox has Removed Russian Based Search Providers
Many Allegations were made on some search engines about state-sponsored content are favored in search results. Owing to this, Mozilla has removed many Russia based search engines.
Bleeping Computer
Firefox now bypasses Windows 11's messy default browser settings
Fed up with the new Windows 11 default apps interface, Mozilla has bypassed Microsoft's policies to make it easier for users to switch their default browser.
SecurityWeek
Firefox 107 Patches High-Impact Vulnerabilities
Mozilla has released Firefox 107 and the latest version of the web browser patches 19 vulnerabilities, including many with a high impact rating.
The Hacker News
Microsoft and Other Major Software Firms Release February 2022 Patch Updates
Microsoft, Adobe, Android, Mozilla, Intel, SAP, Citrix, and other major software firms release February 2022 Patch Tuesday Security Updates.
Bleeping Computer
Firefox improves advertising tracker blocking in private browsing
Mozilla says that Firefox users will be better protected from advertising trackers (like Google Analytics scripts) while browsing the Internet in Private Browsing mode and using Strict Tracking Protection.
Cyber Security News
Firefox 118 Released With the Fix for 6 High-Severity Vulnerabilities
Mozilla has recently launched Firefox 118, which addresses a total of nine security vulnerabilities. Notably, this release effectively resolves six high-severity vulnerabilities.
Bleeping Computer
Firefox adds enhanced cookie clearing, HTTPS by default in private browsing
Mozilla says that, starting in Firefox 91 released today, users will be able to fully erase the browser history for all visited websites which prevents privacy violations due to "sneaky third-party cookies sticking around."
SecurityWeek
Google Links Over 60 Zero-Days to Commercial Spyware Vendors
Over 60 Adobe, Google, Android, Microsoft, Mozilla and Apple zero-days that have come to light since 2016 attributed to spyware vendors.
The Record
Zerodium looks to buy zero-days in Outlook and Thunderbird email clients
US-based exploit broker Zerodium announced plans today to pay $200,000 and $400,000 for zero-day exploits in Mozilla Thunderbird and Microsoft Outlook, respectively, two of today's most popular and widely used desktop email clients.
Bleeping Computer
Malicious 'Safepal Wallet' Firefox add-on stole cryptocurrency
A malicious Firefox add-on named "Safepal Wallet" lived on the Mozilla add-ons site for seven months and scammed users by emptying out their wallets. Safepal is a cryptocurrency wallet application capable of securely storing a variety of crypto assets, including Bitcoin, Ethereum, and Litecoin.
The Record
Firefox fixes password leak via Windows Cloud Clipboard feature
Mozilla has fixed an issue in its Firefox browser where usernames and passwords were being recorded in the Windows Cloud Clipboard feature, in what the organization categorized as a severe security risk that could have exposed credentials to non-owners whenever users copied or cut a password.
Security Affairs
CISA urges to fix actively exploited Firefox zero-days by March 21
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added two critical security vulnerabilities in Mozilla firefox, tracked as CVE-2022-26485 and CVE-2022-26486, to its Known Exploited Vulnerabilities Catalog. The US agency has ordered federal civilian agencies to address both issues by […]
Bleeping Computer
Researchers discover 14 new data-stealing web browser attacks
IT security researchers from Ruhr-Universität Bochum (RUB) and the Niederrhein University of Applied Sciences have discovered 14 new types of 'XS-Leak' cross-site leak attacks against modern web browsers, including Google Chrome, Microsoft Edge, Safari, and Mozilla Firefox.
Bleeping Computer
Firefox Focus now blocks cross-site tracking on Android devices
Mozilla's Firefox Focus web browser can now protect Android users against cross-site tracking while browsing the Internet by preventing cookies from being used for advertising and monitoring your activity.
SecurityWeek
Firefox 118 Patches High-Severity Vulnerabilities
Firefox 118 patches six high-severity vulnerabilities, including a memory leak potentially leading to sandbox escape.
SecurityWeek
Firefox 122 Patches 15 Vulnerabilities
Updates released for Firefox and Thunderbird resolve 15 vulnerabilities, including five high-severity bugs.
ZDNet
Firefox 96 update focuses on noise improvements, main thread efficiency | ZDNet
Mozilla's latest Firefox refresh aims to help video chat users on desktop and mobile browsing ease on Android.
SecurityWeek
Firefox 116 Patches High-Severity Vulnerabilities
Firefox 116 was released with patches for high-severity vulnerabilities, some of which can lead to remote code execution or sandbox escapes.
SecurityWeek
Chrome 123, Firefox 124 Patch Serious Vulnerabilities
Chrome and Firefox security updates released on Tuesday resolve a critical-severity and multiple high-severity vulnerabilities.
The Hacker News
Even Top-Ranked Android Apps in Google Play Store Provide Misleading Data Safety Labels
An investigation uncovered "serious loopholes" in data safety labels for Android apps on the Google Play Store, with 80% of the most popular apps.
Bleeping Computer
Google rolls back reCaptcha update to fix Firefox issues
Google has rolled back a recent release of its reCaptcha captcha script after a bug caused the service to no longer work on Firefox for Windows.
Cyber Security News
Firefox 120 Released With Security Updates: What’s New!
10 vulnerabilities are patched, including six 'High Severity' issues and two moderate and low severity issues are fixed.
ThreatPost
Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape
Both vulnerabilities are use-after-free issues in Mozilla's popular web browser.
ZDNet
Best browser for privacy 2022: Secure web browsing | ZDNet
If you’re like most people, you’re probably using Google Chrome as your default browser. It’s hard to fault Google’s record on security and patching but privacy is another matter for the online ad giant.
SecurityWeek
Firefox, Chrome Updates Patch High-Severity Vulnerabilities
Firefox and Chrome updates released this week resolve multiple high-severity memory safety vulnerabilities.
CyberNews
AI girlfriends feast on your data
The rise of AI partners means that more people are using large language models to find love and companionship.
CyberNews
Meta, Google, X, TikTok, Apple still failing with ad transparency
A study shows that ad transparency tools requested by watchdogs are still vague on 11 major tech platforms, leaving users vulnerable to misinformation ahead of the election year.
Bleeping Computer
Google tests if 'Chrome/100.0' user agent breaks websites
Google is testing whether changing the Chrome user agent to three-digit 'Chrome/100' will cause loss of functionality on websites that are expecting a two digit version number.
Bleeping Computer
Microsoft Outlook RCE zero-day exploits now selling for $400,000
Exploit broker Zerodium has announced a pay jump to 400,000 for zero-day vulnerabilities that allow remote code execution (RCE) in Microsoft Outlook email client.
Infosecurity News
High-Severity Flaws Fixed in Firefox 115 Update
One of them, CVE-2023-37201, involved a use-after-free issue in WebRTC certificate generation
Infosecurity News
Privacy Concerns Raised Over Android Apps' Data Safety Labels
The claims come from Mozilla's *Privacy Not Included researchers
Bleeping Computer
CISA: Patch actively exploited Firefox zero-days until March 21st
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies to patch two critical Firefox security vulnerabilities exploited in attacks within the next two weeks.
Bleeping Computer
Apple fixes Safari WebKit zero-day flaw exploited at Pwn2Own
Apple has released security updates to fix a zero-day vulnerability in the Safari web browser exploited during this year's Pwn2Own Vancouver hacking competition.
Security Affairs
Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024
Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during the Pwn2Own Vancouver 2024.
Bleeping Computer
Firefox now autoupdates on Windows even when not running
The Windows version of Firefox can now automatically upgrade itself to the latest version in the background when the browser is not running.
Loading more articles....