Mozilla patched an unsanitised output flaw in its Firefox browser user interface that could lead to arbitrary code execution.
Tor Browser 7.5 has been released this week complete with a bunch of security fixes that have already been rolled out to the Firefox Extended Support Release (ESR) 52.6 client it is built upon.
Mozilla issued a series of security updates for Thunderbird 52.5.2 that included a critically rated buffer overflow issue that could lead to a crash if exploited.
Mozilla scared - or at least upset - several of its users with the unannounced addition of a Firefox new plug-in, Looking Glass, to promote the USA Network hacker show Mr Robot.
A collection of vulnerabilities dubbed Mailsploit, found by German security researcher Sabri Haddouche in 30 types of email client applications - from Apple Mail to Mozilla Thunderbird - lets hackers bypass anti-spoofing mechanisms.
Mozilla released a security update to address critical vulnerabilities in Firefox 57 which could allow a remote attacker to take control of an affected system.
Dutch moves to strengthen the powers of its state authorities leads Mozilla to propose excluding Dutch CAs from its trust list - could form part of a wider undermining of trust in the Internet
Mozilla issued a security update stating that the newly released Thunderbird 52.4 , Firefox 56 and Firefox ESR 52.4 patch 10 vulnerabilities, two rated critical, five high and three moderate found in earlier iterations of the software.
Mozilla issued two security advisories covering Firefox and Firefox ESR that between them contain 33 security patches, five rated as critical.
Mozilla has issued security advisories announcing key updates to its Firefox browser and the Firefox Extended Support Release, both of which fixed vulnerabilities that the open-source developer labeled as critical.
Microsoft is set to bring the date after which its Windows browsers will no longer accept SHA-1 to the middle of next year after new research has shown the cryptographic hash function to be even more vulnerable than previously thought.
Mozilla has stepped up pressure on enterprise companies that continue to use SHA-1 certificates after research last month demonstrated the algorithm could be broken in as little as three months.