serisec

Category: Firefox

  • Claude Mythos Has Found 271 Zero-Days in Firefox

    Claude Mythos Has Found 271 Zero-Days in Firefox That’s a lot. No, it’s an extraordinary number: Since February, the Firefox team has been working around the clock using frontier AI models to find and fix latent security vulnerabilities in the browser. We wrote previously about our collaboration with Anthropic to scan Firefox with Opus 4.6,…

  • Firefox 148 Released With Sanitizer API to Disable XSS Attack

    Firefox 148 Released With Sanitizer API to Disable XSS Attack Firefox 148 introduces the new standardized Sanitizer API, becoming the first browser to implement it. The update marks a major step forward for web security, giving developers a straightforward and effective way to prevent Cross-Site Scripting (XSS) attacks. XSS is one of the most common…

  • Mozilla Says It’s Finally Done With Two-Faced Onerep

    Mozilla Says It’s Finally Done With Two-Faced Onerep In March 2024, Mozilla said it was winding down its collaboration with Onerep — an identity protection service offered with the Firefox web browser that promises to remove users from hundreds of people-search sites — after KrebsOnSecurity revealed Onerep’s founder had created dozens of people-search services and…

  • 8 New Malicious Firefox Extensions Steals OAuth Tokens, Passwords and Spy on Users

    8 New Malicious Firefox Extensions Steals OAuth Tokens, Passwords and Spy on Users Security researchers from the Socket Threat Research Team have uncovered a sophisticated network of eight malicious Firefox browser extensions that actively steal OAuth tokens, passwords, and spy on users through deceptive tactics. The discovery reveals a coordinated campaign that exploits popular gaming…

  • Nearly a Year Later, Mozilla is Still Promoting OneRep

    Nearly a Year Later, Mozilla is Still Promoting OneRep In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it would stop bundling Onerep with the Firefox browser and wind down its partnership with the company. But…

  • Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT

    Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk…