Skip to content
  • Blog Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form

Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards

Posted on May 19, 2025May 19, 2025 By CWS

Could 19, 2025Ravie LakshmananBrowser Safety / Vulnerability
Mozilla has launched safety updates to handle two essential safety flaws in its Firefox browser that may very well be doubtlessly exploited to entry delicate knowledge or obtain code execution.
The vulnerabilities, each of which have been exploited as a zero-day at Pwn2Own Berlin, are listed beneath –

CVE-2025-4918 – An out-of-bounds entry vulnerability when resolving Promise objects that would enable an attacker to carry out learn or write on a JavaScript Promise object
CVE-2025-4919 – An out-of-bounds entry vulnerability when optimizing linear sums that would enable an attacker to carry out learn or write on a JavaScript object by complicated array index sizes

In different phrases, profitable exploitation of both of the failings might allow an adversary to realize out-of-bounds learn or write, which might then be abused to entry in any other case delicate data or end in reminiscence corruption that would pave the way in which for code execution.

The vulnerabilities have an effect on the next variations of the Firefox browser –

Edouard Bochin and Tao Yan from Palo Alto Networks have been credited with discovering and reporting CVE-2025-4918. The invention of CVE-2025-4919 has been credited to Manfred Paul.
It is price noting that each shortcomings have been demonstrated on the Pwn2Own Berlin hacking contest final week for which they have been awarded $50,000 every.
With net browsers persevering with to be a gorgeous vector for malware supply, customers are suggested to replace their situations to the newest model to safeguard towards potential threats.

Discovered this text attention-grabbing? Comply with us on Twitter  and LinkedIn to learn extra unique content material we put up.

The Hacker News Tags:100K, Berlin, Exploited, Firefox, Patches, Pwn2Own, Rewards, ZeroDays

Post navigation

Previous Post: Spiking Neural Networks: Brain-Inspired Chips That Could Keep Your Data Safe
Next Post: Why CTEM is the Winning Bet for CISOs in 2025

Related Posts

ConnectWise Hit by Cyberattack; Nation-State Actor Suspected in Targeted Breach The Hacker News
New EDDIESTEALER Malware Bypasses Chrome’s App-Bound Encryption to Steal Browser Data The Hacker News
U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions The Hacker News
ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files The Hacker News
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages The Hacker News
Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data
  • RingReaper Malware Attacking Linux Servers Evading EDR Solutions
  • Turning BIA Insights Into Resilient Recovery
  • Scaly Wolf Attacking Organizations to Uncover Organizations’ Secrets
  • Serial Hacker Jailed for Hacking and Defacing Organizations’ Websites

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data
  • RingReaper Malware Attacking Linux Servers Evading EDR Solutions
  • Turning BIA Insights Into Resilient Recovery
  • Scaly Wolf Attacking Organizations to Uncover Organizations’ Secrets
  • Serial Hacker Jailed for Hacking and Defacing Organizations’ Websites

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News