Mozilla patches Firefox zero-day abused in the wild

Samuel Groß, a security researcher with Google Project Zero security team, and the Coinbase Security team were credited with discovering the Firefox zero-day — tracked as CVE-2019-11707. Outside of the short description posted on the Mozilla site, there are no other details about this security flaw or the ongoing attacks. The last time the Mozilla team patched a Firefox zero-day was in December 2016, when they fixed a security flaw that was being abused at the time to expose and de-anonymize users of the privacy-first Tor Browser.

Source: www.zdnet.com