Number of HTTPS phishing sites triples
When, in January 2017, Mozilla and Google made Firefox and Chrome flag HTTP login pages as insecure, the intent was to make phishing pages easier to recognize, as well as push …
LastPass extensions can be made to cough up passwords, deliver malware
LastPass Chrome and Firefox extensions contain flaws that could allow malicious websites to steal victims’ passwords or execute commands on their computer. The flaws …
Passages: Secure virtual browser for malware isolation
Over 90% of undetected attacks come through the web. In this podcast recorded at RSA Conference 2017, Lance Cottrell, Chief Scientist at Ntrepid, talks about Passages, a …
The latest on the critical RCE Cisco WebEx extension vulnerability
Since Google bug hunter Tavis Ormandy revealed the existence of a remotely exploitable code execution flaw in the Cisco WebEx extension for Google Chrome last week, Cisco has …
Firefox 51 starts flagging HTTP login pages as insecure
Mozilla has released Firefox 51 on Tuesday, and this latest stable version of the popular browser comes with many security fixes and improvements. The list of security …
Actively exploited Firefox, Tor Browser 0-day patched, update now!
Mozilla and the Tor Project have released security updates that fix the Firefox 0-day flaw that was spotted being exploited to de-anonymize Tor Browser users. It is still …
Firefox 0-day exploited in the wild to unmask Tor users
An anonymous user of the SIGAINT darknet email service has revealed the existence of a JavaScript exploit that is apparently being actively used to de-anonymize Tor Browser …
Firefox Focus: Private iOS browsing made easy
Mozilla has released Firefox Focus, an iOS app that lets you browse the Internet without having to worry who’s tracking your online activity. The app can be used …
With Firefox 50, Mozilla plugs many security holes
Firefox 50 is out, and it includes security fixes for 3 critical, 12 high, 10 moderate, and 2 low severity issues, as well as many usability improvements. Two of the critical …
Firefox to prevent sites from tracking users by checking their battery status
Version 52 of the popular Firefox browser will no longer allow websites to access the Battery Status API and the information it can provide about the visitor’s device. …
Kovter malware masquerades as Firefox update
Click-ad-fraud Kovter malware, packaged as a legitimate Firefox browser update, is being delivered to unsuspecting victims via drive-by-download attacks. Kovter, which also …
Mozilla fights in court to get info about potential Firefox flaw
Mozilla has asked a Washington State District Court to compel FBI investigators to provide details about a vulnerability in the Tor Browser with them before they share it with …
Featured news
Resources
Don't miss
- State-backed phishing attacks targeting military officials and journalists on Signal
- Poland’s energy control systems were breached through exposed VPN access
- CISA orders US federal agencies to replace unsupported edge devices
- Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)
- February 2026 Patch Tuesday forecast: Lots of OOB love this month