Mozilla recently announced that it has doubled the rewards for its bug bounty program to draw more eyeballs from the bug-hunting community. The web browser developer also stated that it has added new sites and services to the list as part of its bug bounty program. The latest move is intended to observe 15 years of the 1.0 release of Firefox.
In addition, the company also tripled payouts to US$ 15,000 for remote code execution on critical sites.
“To celebrate the 15 years of the 1.0 release of Firefox, we are making significant enhancements to the web bug bounty program. We are doubling all web payouts for critical, core and other Mozilla sites as per the Web and Services Bug Bounty Program page,” Mozilla said in a statement.
“As we are constantly improving the services behind Firefox, we also need to ensure that sites we consider critical to our mission get the appropriate attention from the security community,” the statement added.
According to Mozilla, the new sites that qualify for the bug bounty program include Autograph, Lando, Phabricator, and Taskcluster.
In a similar security news, the Coinbase security team and a security researcher Samuel D. Gross from Google discovered a “Zero-day” vulnerability in the Mozilla Firefox browser, which can be used to launch a cyber-attack using JavaScript objects.
Mozilla announced that it has patched its Firefox browser’s vulnerability in response to a spear-phishing campaign targeting employees of cryptocurrency exchange Coinbase. The company has released the latest version of the Firefox browser and urged the users to update their browsers.
The hackers have attempted to phish Coinbase staff with emails containing links to malicious websites. The malware can automatically download, if the links were clicked using the Firefox browser, and run malware on the system, stealing browser passwords and other sensitive information, according to Coinbase.
