For at past nine years, Mozilla has been using an insufficiently strong encryption mechanism for the "master password" feature.
Safari, Edge, and Firefox were the favorite targets that fell to white hat hackers at the world's most well-known competitive hacking competition —Pwn2Own 2018— held over the past two days in Vancouver, Canada.
The Mozilla Foundation has released a new stable version of Firefox —version 59— that comes with speed improvements, privacy-enhancing features, but also a new Firefox release dedicated to Amazon Fire TV users.
Starting with Firefox 60 —expected to be released in May 2018— websites won't be able to use Firefox to access data from sensors that provide proximity distances and ambient light information.
The percentage of daily Chrome users who've loaded at least one page containing Flash content per day has gone down from around 80% in 2014 to under 8% in early 2018.
Mozilla will add an option in Firefox 60 that will let users disable and hide the Firefox Sync option in the Firefox settings panel.
Firefox 59 will strip referrer information from URLs while the user is in Private Browsing mode. The measure is meant to safeguard users from accidental data leaks of sensitive information.
A Firefox extension called Image Previewer was discovered today that not only displays popups, but also injects a Monero in-browser miner into Firefox. While we have seen numerous Chrome extensions injecting in-browser miners, this is the first time I have seen a Firefox addon with this behavior.
Mozilla has released Firefox 58.0.1 to fix a security issue that was hiding in the browser's UI code and would have allowed an attacker to run code on the user's computer, allowing a quick and easy path to delivering malware or even taking over the entire PC.
In a groundbreaking statement earlier this week, Mozilla announced that all web-based features that will ship with Firefox in the future must be served on over a secure HTTPS connection (a "secure context").
Mozilla said last week it would delete all telemetry data collected because of a bug in the Firefox crash reporter.
The increased adoption of HTTPS among website operators will soon lead to browsers marking HTTP pages as "Not Secure" by default.
Mozilla took a bit of heat this week after the organization force-installed a Mr. Robot promotional add-on in some Firefox browsers.
Mozilla engineers are working on a notifications system for Firefox that shows a security warning to users visiting sites that have suffered data breaches.