Tuesday, June 18, 2024

Emergency!! Zero-day Flaw in FireFox Let Hackers Take Full Control of Your Computer – Update Your FireFox Now

Mozilla released a security update for Critical Zero-day vulnerability that fixed in a new version of Firefox 67.0.3 and Firefox ESR 60.7.

The critical vulnerability can be exploited by an attacker to run malicious code and to install the application on the vulnerable machine, without requiring no user interaction beyond normal browsing.

Cybercriminals are actively exploiting this Critical Zero-day vulnerability in wide and the attacker could exploit this vulnerability to take control of an affected system.

There are various exploit attempts identified, and the attackers targeting the unpatched old version of Firefox and exploit this critical zero-day vulnerability.

According to Mozilla Security Advisory, A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.

This critical zero-day vulnerability originally reported to Mozilla by Samuel Groß, a member of Google Project Zero and Coinbase Security.

The US Cybersecurity and Infrastructure Security Agency also issued an alert urging users and system administrators to review Mozilla’s security advisor and update the system Firefox Immediately.

The Zero-day flaw tracked aCVE-2019-5786 and the users can install the new update via following links.

All the FireFox user urged to update the new version immediately to protect themselves from this zero-day exploit and keep your system safe and secure.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Emergency !! Hackers Exploited Active Google Chrome Zero-day in Wide – Update Chrome Now

Microsoft Security Updates Fixes for 88 Vulnerabilities Including 4 SandboxEscaper Leaked Zero-day’s

Critical RCE Zero-Day in TP-Link Wi-Fi Repeaters Let Hackers to Gain Remote Access

Website

Latest articles

Singapore Police Arrested Two Individuals Involved in Hacking Android Devices

The Singapore Police Force (SPF) has arrested two men, aged 26 and 47, for...

CISA Conducts First-Ever Tabletop Exercise Focused on AI Cyber Incident Response

On June 13, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) made history by...

Europol Taken Down 13 Websites Linked to Terrorist Operations

Europol and law enforcement agencies from ten countries have taken down 13 websites linked...

New ARM ‘TIKTAG’ Attack Impacts Google Chrome, Linux Systems

Memory corruption lets attackers hijack control flow, execute code, elevate privileges, and leak data.ARM's...

Operation Celestial Force Employing Android And Windows Malware To Attack Indian Users

A Pakistani threat actor group, Cosmic Leopard, has been conducting a multi-year cyber espionage...

Hunt3r Kill3rs Group claims they Infiltrated Schneider Electric Systems in Germany

The notorious cybercriminal group Hunt3r Kill3rs has claimed responsibility for infiltrating Schneider Electric's systems...

Hackers Employing New Techniques To Attack Docker API

Attackers behind Spinning YARN launched a new cryptojacking campaign targeting publicly exposed Docker Engine...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles