Posts
-
Firefox Security & Privacy Newsletter 2025 Q3
-
Firefox Security & Privacy newsletter 2025 Q2
-
Firefox Security Privacy Newsletter 2025 Q1
-
Hardening the Firefox Frontend with Content Security Policies
-
The Evolution of HTTPS Adoption in Firefox
-
IPC Fuzzing with Snapshots
-
New Year, New Blog
-
WebAssembly and Back Again: Fine-Grained Sandboxing in Firefox 95
-
Finding and Fixing DOM-based XSS with Static Analysis
-
Implementing form filling and accessibility in the Firefox PDF viewer
-
Fixing a Security Bug by Changing a Function Signature
-
Eliminating Data Races in Firefox - A Technical Report
-
Browser fuzzing at Mozilla
-
Examining JavaScript Inter-Process Communication in Firefox
-
Insights into HTTPS-Only Mode
-
Guest Blog Post: Good First Steps to Find Security Bugs in Fenix (Part 2)
-
Effectively Fuzzing the IPC Layer in Firefox
-
Guest Blog Post: Leaking silhouettes of cross-origin images
-
Guest Blog Post: Good First Steps to Find Security Bugs in Fenix (Part 1)
-
Guest Blog Post: Firefox for Android LAN-Based Intent Triggering
-
Guest Blog Post: Rollback Attack
-
Inspecting Just-in-Time Compiled JavaScript
-
Bug Bounty Program Updates: Adding (another) New Class of Bounties
-
Understanding Web Security Checks in Firefox (Part 2)
-
Hardening Firefox against Injection Attacks - The Technical Details
-
Sponsoring an RTSP Server Fuzzer
-
Understanding Web Security Checks in Firefox (Part 1)
-
Firefox CodeQL Databases Available for Download
-
Fuzzing Firefox with WebIDL
-
Firefox’s Bug Bounty in 2019 and into the Future
-
Help Test Firefox’s built-in HTML Sanitizer to protect against UXSS bugs
-
Adding CodeQL and clang to our Bug Bounty Program
-
Remote Code Execution in Firefox beyond memory corruptions
subscribe via RSS