Firefox patches zero-day security flaw days after Chrome fixes the same issue

Firefox icon
Image credit: PixieMe/Shutterstock (Image credit: Shutterstock)

  • Kaspersky recently uncovered a zero-day vulnerability in Google Chrome
  • Mozilla now says it has found a similar issue in Firefox
  • The bug was used to target Russian targets in a cyber-espionage campaign

A worrying security flaw, similar to the Chrome zero-day issue recently spotted and patched by Google, has now been discovered, and remedied, in the Firefox browser.

In a security advisory published on March 27, 2025, Mozilla said after the discovery of the Chrome sandbox escape vulnerability, “various Firefox developers” found a similar pattern in the browser’s IPC code.

“A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape,” Mozilla explained. Escaping the sandbox is one of the browser’s “primary security defenses,” reports CyberInsider.

Monitor your credit score with TransUnion starting at $29.95/month

Monitor your credit score with TransUnion starting at $29.95/month

TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.

Preferred partner (What does this mean?)

Patching the bug

A sandbox in a web browser is a security mechanism that isolates running web content (such as JavaScript, plugins, or iframes) from the rest of the system.

The goal is to prevent potentially malicious websites or scripts from accessing sensitive user data, modifying system files, or interfering with other applications.

By “escaping the sandbox”, cybercriminals could have malware run on the target computer through the browser.

A patch has been released, and Firefox users are advised to update their browsers to versions Firefox 136.0.4, Firefox ESR 128.8.1, Firefox ESR 115.21.1 to mitigate the issue. Mozilla also added that the bug affects Firefox on Windows, and that other operating systems are unaffected.

It stressed that the Chrome bug was being exploited in the wild, suggesting that the Firefox one remained hidden.

Chrome’s original vulnerability is tracked as CVE-2025-2783, while the Firefox one is being tracked as CVE-2025-2857. No severity score has yet been assigned.

Nor Google, nor Mozilla, discussed the threat actors or the victims. However, researchers from Kaspersky (who originally found the bug) said that the flaw was used to target people in Russia.

The campaign involved phishing, redirecting victims to primakovreadings[dot]info. The entire campaign was dubbed Operation ForumTroll and apparently, the goal is to conduct cyber-espionage.

You might also like

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.