The Mozilla Foundation has patched a bug in its Firefox browser that enabled spoofing of the HTTPS secure communications icon, which appears as a padlock in the browser address bar. A rogue website might be able to intercept browser messages if the bug gets exploited successfully.
The patch was included in a Firefox 88 update, as well as the company’s Firefox ESR 78.10 browser and Thunderbird 78.10 email client. Firefox 88 fixes a total of 13 browser bugs, six of which are marked as high-severity.
To Read More: threatpost