Attack and Defense (@attackndefense) Twitter Tweets • TwiCopy

Anyone remember the "ten f...ing days" story? web.archive.org/web/2015010223… We just provided a security update in less than 18 hours from report to release. mozilla.org/en-US/security…

thumb_up_off_alt13

chat_bubble_outline0

repeat5

shareShare

Attack and Defense

@attackndefense

2 years ago

blog.mozilla.org/security/2024/…

thumb_up_off_alt6

chat_bubble_outline0

repeat2

shareShare

Attack and Defense

@attackndefense

2 years ago

.@freddyb will be at #Offensivecon24 in Berlin. Let us know if you want to meet up to talk about browser/ web security.

thumb_up_off_alt1

chat_bubble_outline0

repeat0

shareShare

If you haven't updated Firefox in a while, do it now. We have fixed a high-severity security vulnerability that is apparently exploited in the wild. We shipped this within 25 hours after being reported to us. mozilla.org/en-US/security…

thumb_up_off_alt9

chat_bubble_outline0

repeat3

shareShare

Firefox 🔥

@firefox

a year ago

We're turning the big 2-0 this year! Help us celebrate by sharing your best Firefox fan art 🔥 tag us or use #FirefoxArt by 11/01 so we don't miss it. (you just might score some fun surprises too...)

thumb_up_off_alt311

chat_bubble_outline14

repeat30

shareShare

Attack and Defense

@attackndefense

a year ago

What it takes to fix an 0day in 25 hours. (Spoiler: It's team work!). Read the blog post at blog.mozilla.org/security/2024/… by our very own Tom Ritter

thumb_up_off_alt12

chat_bubble_outline0

repeat5

shareShare

Attack and Defense

@attackndefense

10 months ago

We updated our Firefox Bug Bounty Hall of Fame for Q4 of 2024. 🏆👏 Thank you to the many folks who helped keep Firefox secure! mozilla.org/en-US/security…

thumb_up_off_alt2

chat_bubble_outline0

repeat1

shareShare

Tom Schuster

@evilpies

5 months ago

Gareth Heyes \u2028 Masato Kinugawa Good find. This is now fixed Firefox Nightly 🔥. Sorry, no fun allowed.

thumb_up_off_alt3

chat_bubble_outline1

repeat1

shareShare

Masato Kinugawa

@kinugawamasato

5 months ago

bugzilla.mozilla.org/show_bug.cgi?i… This is a big change for DOM Clobberers. Firefox Nightly no longer allows native document properties to be overwritten by elements with a name attr, e.g.: <img src=a name=currentScript> <script> alert(document.currentScript)// HTMLScriptElement </script>

thumb_up_off_alt155

chat_bubble_outline3

repeat20

shareShare

Attack and Defense

@attackndefense

4 months ago

We just updated our bug bounty hall of fame to include the great security researchers from the last two quarters. Thank you for securing the best #Firefox yet :) mozilla.org/en-US/security…

thumb_up_off_alt5

chat_bubble_outline0

repeat1

shareShare

Attack and Defense

@attackndefense

4 months ago

Did you know that all of our good stuff is also available elsewhere? Follow us on Mastodon at infosec.exchange/@attackanddefe… or keep refreshing our site at attackanddefense.dev

thumb_up_off_alt0

chat_bubble_outline0

repeat0

shareShare

Attack and Defense

@attackndefense

4 months ago

We just published the Q2 2025 edition of the Firefox Security and Privacy newsletter. Highlights: * CHIPS * Webcompat improvements * Better HTTPS error pages * Firefox Relay integration ...and much more. attackanddefense.dev/2025/07/17/fir…

thumb_up_off_alt1

chat_bubble_outline0

repeat1

shareShare