Russian RomCom Hackers Exploit Firefox and Windows Zero-Day Vulnerabilities

November 26, 2024 at 10:15 AM

•

1 min read

Russian RomCom Hackers Exploit Firefox and Windows Zero-Day Vulnerabilities — Photo: We Live Security

TL;DR Summary

ESET researchers have identified a critical zero-day vulnerability in Mozilla products, exploited by the Russia-aligned group RomCom, allowing arbitrary code execution in Firefox, Thunderbird, and Tor Browser. This vulnerability, CVE-2024-9680, when combined with another Windows zero-day, CVE-2024-49039, enables attackers to install the RomCom backdoor without user interaction. The attack targets various sectors globally, with patches released by Mozilla and Microsoft to address these vulnerabilities. RomCom is known for both cybercrime and espionage activities.

Topics:technology #cyberattack #cybersecurity #firefox #romcom #windows #zero-day

Share this article

RomCom exploits Firefox and Windows zero days in the wild We Live Security
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks The Hacker News
Firefox and Windows zero-days exploited by Russian RomCom hackers BleepingComputer
Russian Hackers Used Zero-Day Attack To Hit Firefox, Tor Users PCMag
Zero-day, zero-click vulnerabilities in Mozilla and Windows exploited by Russia-aligned RomCom APT SecurityInfoWatch

Reading Insights

Total Reads

Unique Readers

Time Saved

18 min

vs 18 min read

Condensed

98%

3,596 → 73 words

Want the full story? Read the original article

Read on We Live Security

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights