26 October 2021.
The Hacker News report that Mozilla has blocked two malicious Firefox add-ons installed by almost 0.5 million users.
The add-ons were discovered misusing the Proxy API to impede downloading updates to the browser.
The malicious add-ons are: Bypass and Bypass XM.
Read on to find out how you should respond.
Mozilla have announced that they are pausing approvals for new add-ons which use the proxy API until Mozilla has issued fixes.
Mozilla say they have deployed a system add-on named "Proxy Failover" that will 'ship with further mitigations to address the issue'.
What should you do?
You are advised to check whether or not your Forefox browser is using the malicious add-ons.
- In your browser select the button at the top-right + the Add-ons and Extensions link.
If YES then you should remove the add-ons.
About The Hacker News
"The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts."
Subscribe to The Hacker News newsletter when you visit the following link.
Protect your device, browser & web connection
When thinking about website security, it is easy to overlook the:
- device (operating system) used to connect to your website,
- the way you connect (your web browser) to the internet, and
- how you connect (in the clear or via encryption).
Make Joomla! CMS Security your #1 Priority
We offer Joomla! coaching, help and support to businesses and organisations across Cheshire, Manchester, Merseyside, North West England & the UK.