Mozilla has fixed a security bug in its Firefox for Windows browser that was “being exploited in the wild.”
In a brief update, Mozilla said it updated the browser to Firefox version 136.0.4 after identifying and fixing the new bug, tracked as CVE-2025-2857, which presents a “similar pattern” to a bug that Google patched in its Chrome browser earlier this week.
Anyone exploiting the bug could escape Firefox’s sandbox, which limits the browser’s access to other apps and data on the user’s computer.
The bug also affects other browsers with the same codebase as Firefox for Windows, such as the Tor Browser, which also received a patch updating the browser to 14.0.7.
Kaspersky researcher Boris Larin, who first discovered the Chrome zero-day, confirmed in a post that the root cause of the Chrome bug also affects Firefox. Kaspersky previously linked the use of the exploits to attacks on journalists, employees of educational institutions, and government organizations in Russia.
Chinese marketplace DHgate becomes a top US app as trade war intensifies
The Trump trade war has gone viral on TikTok, pushing a Chinese e-commerce app, DHgate, to the top of the...
Hertz says customers’ personal data and driver’s licenses stolen in data breach
Car rental giant Hertz has begun notifying its customers of a data breach that included their personal information and driver’s...
OpenAI plans to phase out GPT-4.5, its largest-ever AI model, from its API
OpenAI said on Monday that it would soon wind down the availability of GPT-4.5, its largest-ever AI model, via its...
Google’s newest AI model is designed to help study dolphin ‘speech’
Google’s AI research lab, Google DeepMind, says that it has created an AI model that can help decipher dolphin vocalizations,...
