Firefox
Dozens of fake wallet add-ons flood Firefox store to drain crypto
More than 40 fake extensions in Firefox’s official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data. Some of the extensions pretend to be wallets from Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, and MyMonero, and include malicious code that sends stolen information to attacker-controlled servers. Researchers […]
Mozilla launches new system to detect Firefox crypto drainer add-ons
Mozilla has developed a new security feature for its add-on portal that helps block Firefox malicious extensions that drain cryptocurrency wallets. According to a recent blog post, Mozilla’s new security system creates risk profiles for each submitted wallet extension and triggers automated risk alerts if a pre-defined threshold is exceeded. These alerts will prompt human […]
Mozilla releases Firefox 139.0.1 update to fix artifacts on Nvidia GPUs
Mozilla has rolled out an emergency Firefox 139.0.1 update after the Tuesday release caused graphical artifacts on PCs with NVIDIA GPUs. Firefox 139 shipped on May 27 with features like Full-Page Translations, but it also caused graphical artifacts when browsing the web in Firefox. In a Reddit thread, several Firefox users complained that videos would flicker or flash. […]
Mozilla fixes Firefox zero-days exploited at hacking contest
Mozilla released emergency security updates to address two Firefox zero-day vulnerabilities demonstrated in the recent Pwn2Own Berlin 2025 hacking competition. The fixes, which include the Firefox on Desktop and Android and two Extended Support Releases (ESR), came mere hours after the conclusion of Pwn2Own, on Saturday, where the second vulnerability was demonstrated. The first flaw, tracked under CVE-2025-4918, […]
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox. The highlight was a successful attempt from Nguyen Hoang Thach of STARLabs SG against the VMware ESXi, which earned him $150,000 for an […]
Mozilla warns Windows users of critical Firefox sandbox escape flaw
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser’s sandbox on Windows systems. Tracked as CVE-2025-2857, this flaw is described as an “incorrect handle could lead to sandbox escapes” and was reported by Mozilla developer Andrew McCreight. The vulnerability impacts the latest Firefox standard and extended […]
Mozilla warns users to update Firefox before certificate expires
Mozilla is warning Firefox users to update their browsers to the latest version to avoid facing disruption and security risks caused by the upcoming expiration of one of the company’s root certificates. The Mozilla certificate is set to expire this Friday, March 14, 2025, and was used to sign content, including add-ons for various Mozilla […]
Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers
Mozilla has renewed its promise to continue supporting Manifest V2 extensions alongside Manifest V3, giving users the freedom to use the extensions they want in their browser. Manifest V3 is a Google-developed browser extension specification aimed at making add-on functionality in web browsers safer by restricting overly permissive network requests and remote content loading. Despite […]
Mozilla really wants you to set Firefox as default Windows browser
Google undoubtedly dominates the desktop browser market, while Microsoft Edge has shown notable growth in recent times. However, Firefox continues to face challenges in attracting new users. In an effort to turn the tide, Mozilla is testing a fresh approach that could persuade more people to switch their default browser on Windows during the installation […]
Mozilla fixes Firefox zero-day actively exploited in attacks
Mozilla has issued an emergency security update for the Firefox browser to address a critical use-after-free vulnerability that is currently exploited in attacks. The vulnerability, tracked as CVE-2024-9680, and discovered by ESET researcher Damien Schaeffer, is a use-after-free in Animation timelines. This type of flaw occurs when memory that has been freed is still used […]