15 October 2024

Recently fixed Firefox zero-day abused in attacks against Tor Browser users



A zero-day vulnerability patched by Mozilla last week was exploited in attacks targeting users of Tor Browser.

The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug within the Animation timeline component. Exploitation of the flaw allows attackers to execute code in the content process by manipulating animation timelines. The flaw affects Firefox and Firefox Extended Support Release (ESR) products.

Shortly after Mozilla rolled out security updates to address the flaw, the Tor Project released an emergency fix for CVE-2024-9680. According to the maintainers, an attacker who exploited the flaw could take control of Tor Browser. However, the team noted that the issue probably could not be abused to deanonymize users in Tails.

Last week, CISA released a security alert warning that threat actors are using unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) to conduct reconnaissance on target networks. These cookies allow attackers to gather information about non-internet-facing devices, potentially identifying additional network resources for exploitation. CISA has urged organizations to encrypt cookies in F5 BIG-IP devices and use the BIG-IP iHealth diagnostic utility to identify and resolve security issues.

