Summary
- Mozilla issued a fix for a zero-day vulnerability in Firefox (CVE-2024-9680) that has been exploited
- Use-after-free flaw found in Animation timelines highlights issues with memory-unsafe programming languages
- The attacker manipulated the flaw to execute attacks, prompting Mozilla to promptly release a fix within 25 hours
- Users should update to the latest version of Firefox and Firefox ESR to protect against potential attacks