Category: AttackDefense

The snapshot fuzzing technology stack depicted from bottom to top: AFL++, QEMU-Nyx, Linux Guest with Firefox, Preloader Code, Mozilla Nyx Interface and on top of this multiple fuzzing targets.QEMU-Nyx is launched by AFL++, which then launches the Linux guest with Firefox in a fuzzing configuration. The preloader code is injected with LD_PRELOAD and manages low-level tasks as well as providing the communication interface to the Mozilla Nyx interface.
08
Mar
2026

IPC Fuzzing with Snapshots | Attack & Defense

Process separation remains one of the most important parts of the Firefox security model and securing our IPC (Inter-Process Communication)…

Share: X : IPC Fuzzing with Snapshots | Attack & DefenseFacebook : IPC Fuzzing with Snapshots | Attack & DefenseLinkedin : IPC Fuzzing with Snapshots | Attack & DefenseReddit : IPC Fuzzing with Snapshots | Attack & DefenseTelegram : IPC Fuzzing with Snapshots | Attack & DefenseWhatsApp : IPC Fuzzing with Snapshots | Attack & DefenseEmail : IPC Fuzzing with Snapshots | Attack & Defense
Chart for HTTPS Upgrade mechanisms - Firefox 134
08
Mar
2026

The Evolution of HTTPS Adoption in Firefox

We at Mozilla believe that people deserve privacy and one of the most important pieces of web privacy is provided…

Share: X : The Evolution of HTTPS Adoption in FirefoxFacebook : The Evolution of HTTPS Adoption in FirefoxLinkedin : The Evolution of HTTPS Adoption in FirefoxReddit : The Evolution of HTTPS Adoption in FirefoxTelegram : The Evolution of HTTPS Adoption in FirefoxWhatsApp : The Evolution of HTTPS Adoption in FirefoxEmail : The Evolution of HTTPS Adoption in Firefox
Graph showing the number of inline event handlers in brower.xhtml
08
Mar
2026

Hardening the Firefox Frontend with Content Security Policies

Most of the Firefox User Interface (UI), including the address bar and the tab strip, are implemented using standard web…

Share: X : Hardening the Firefox Frontend with Content Security PoliciesFacebook : Hardening the Firefox Frontend with Content Security PoliciesLinkedin : Hardening the Firefox Frontend with Content Security PoliciesReddit : Hardening the Firefox Frontend with Content Security PoliciesTelegram : Hardening the Firefox Frontend with Content Security PoliciesWhatsApp : Hardening the Firefox Frontend with Content Security PoliciesEmail : Hardening the Firefox Frontend with Content Security Policies