Bleeping Computer

Exploit available for critical bug in VM2 JavaScript sandbox library

Proof-of-concept exploit code has been released for a recently disclosed critical vulnerability in the popular VM2 library, a JavaScript sandbox that is used by multiple software to run code securely ...
ZDNet

Firefox zero-day: Mozilla races to patch bug used to attack Tor browser users

Users of online anonymity network Tor are facing a new attack that uses nearly identical code to a Firefox exploit used by the FBI in 2013. Tor co-founder Roger Dingledine says Mozilla is working on a ...
The Daily Dot

Mozilla patches Firefox exploit that let hackers remotely grab users’ files

Mozilla recently discovered an exploit in the wild that allows a malicious actor to remotely direct your computer to upload files to a server without permission. The exploit, which a user discovered ...
Ars Technica

Firefox 0-day in the wild is being used to attack Tor users

Update on 11/30/2016 2:20 PM California time: Firefox developer Mozilla and Tor have patched the underlying vulnerability, which is found not only in the Windows version of the browser, but also the ...
Ars Technica

DRAM “Bitflipping” exploit for attacking PCs: Just add JavaScript

In March, researchers revealed one of the more impressive if slightly esoteric hacks in recent memory—an attack that exploited physical weaknesses in computer memory chips to hijack the operating ...
Engadget

Tor browser for Windows exploit discovered, malware may be gathering info for Uncle Sam (updated)

It was just over two years ago that the paragon of internet privacy, the Tor project, decided to build its own browser by forking Firefox. Wired reports that an exploit of that very same browser has ...