Critical Zero-Day Exploit to be Found at Firefox

Using this bug scammers could install programs, view, change or delete data, as well as create new accounts; users are recommended to update ASAP
19 June 2019   1587

Coinbase Security and Google security researcher Samuel Gross discovered a vulnerability in Mozilla Firefox browser that could manipulate Javascript objects. It has already been used to attack users of cryptocurrency. This is reported on Medium.

The zero-day vulnerability received a CVE-2019-11707 identifier, and the bug was assigned a critical or highest threat level by the Firefox,

Critical Impact — Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
 

Firefox Vulnerabilities Types Description

In fact, the attackers could force users to visit malicious websites and thus be able to execute arbitrary code on the devices of their victims. The scammers who used the bug could install programs, view, change or delete data, as well as create new accounts.

Users are urged to upgrade as soon as possible to the new version of Firefox 67.0.3 and Firefox ESR 60.7.1, in which the vulnerability is fixed.

Frontend News Digest 1 - 7.02

How to Create a WP Site with JAMstack, formatting dates in JS with Intl.DateTimeFormat, Edge DevTools now supports more languages and more
07 February 2020   432

Greetings! I hope your week went great! Here's new frontend technologies news digest.

Check the MongoDB One-to-Many Relationship tutorial with Mongoose examples, the CO2 emission of the websites new NodeJS update and other interesting things

Guides

  • How To Create A Headless WordPress Site On The JAMstack

Tutorial on simple way to create a WordPress site

  • MongoDB One-to-Many Relationship tutorial with Mongoose examples

Guide about Mongoose - the most popular way to use MongoDB from Node.js.

  • Formatting dates in JavaScript with Intl.DateTimeFormat

Check the modern way to format dates in a region friendly way using native APIs, as now supported all major browsers and both Node

Articles

  • CO2 emissions on the web

Learn the lever of CO2 emissions websites produce by consuming a lot of energy for its activity

  • Bringing the Microsoft Edge DevTools to more languages

Now Edge's DevTools support more languages

Video

  • Chrome 80 - What’s New in DevTools

Updates

  • massCode

Snippets manager for developers

  • micro-jaymock

Tiny API mocking microservice for generating fake JSON data

  • Node v13.8.0 (Current)

Another update of popular solution

  • Electron 8.0.0

Major release of popular JS based solution