Critical Zero-Day Exploit to be Found at Firefox

Using this bug scammers could install programs, view, change or delete data, as well as create new accounts; users are recommended to update ASAP
19 June 2019   1231

Coinbase Security and Google security researcher Samuel Gross discovered a vulnerability in Mozilla Firefox browser that could manipulate Javascript objects. It has already been used to attack users of cryptocurrency. This is reported on Medium.

The zero-day vulnerability received a CVE-2019-11707 identifier, and the bug was assigned a critical or highest threat level by the Firefox,

Critical Impact — Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
 

Firefox Vulnerabilities Types Description

In fact, the attackers could force users to visit malicious websites and thus be able to execute arbitrary code on the devices of their victims. The scammers who used the bug could install programs, view, change or delete data, as well as create new accounts.

Users are urged to upgrade as soon as possible to the new version of Firefox 67.0.3 and Firefox ESR 60.7.1, in which the vulnerability is fixed.

Frontend News Digest 14 - 20.09

20 September 2019   54

Greetings! I hope your week went great! Here's new Frontend news digest.

In this digest, beginners can learn about CSS Grid, skilled coders may learn about, for example, what's new in Chrome 77 for developers, difference between axion and fetch() API and many other stuff.

Guides

Good overview on grips with Grid.

  • How to Easily Reuse Components Across Projects and Repositories

A tutorial on building, collaborating and distributing over components to create different projects.

  • Preview your Vue or React components using JSDoc

Guide on creating and publishing your Vue app documents

Article

It’ll only be a couple of years before we reach Chrome 100 and it seems Firefox wants a piece of the action :-) Firefox’s release cadence will be moving from approx 6-8 weeks per version to just 4 from Firefox 71 onward.

Chrome 77 is rolling out to users now. Here, Pete LePage dives in to what’s new for developers in this latest version.

  • Javascript Overcomes Java as The Most Popular Programming Language of 2019

Well, cool news for all frontenders, is suppose =)

  • CSV & Excel to JSON in JavaScript

Ajax & Fetch can help you with that, learn how exactly.

  • Source-maps could be revealing your private project files

Article on a possible vulnerability, beware!

  • Axios or fetch(): Which should you use?

Article, which is written to give you the better understanding of both APIs.