Mozilla admits bug-tracker breach led to attacks against Firefox users

September 6, 2015


said an unknown accessed its bug-and-change tracking database, stole information about 53 critical security , and used at least one of those flaws to attack .

Bugzilla is the open-source that Mozilla’s developers — both paid and volunteer — use to log issues, whether security related or not; discuss different options before making changes; and pass potential fixes back and forth. Normally, are open to the public, but some, especially ongoing security fixes, are accessible only to privileged account holders.

Entries on critical bugs are blocked to all but privileged accounts long after a fix has been released to ensure that the bulk of Firefox users have installed the patch.

Read More