CyberSecurityBoard
Sponsor Register Login

Mozilla: New Firefox extensions must disclose data collection practices

Mozilla has introduced a new policy requiring all Firefox browser extensions to disclose their data collection practices clearly. This move aims to enhance transparency and protect user privacy by ensuring that extension developers provide detailed information about the types of data they collect and how it is used. The policy update is part of Mozilla's ongoing commitment to user security and privacy, addressing concerns about extensions that may collect excessive or sensitive data without user consent. Developers must now submit a data disclosure statement when publishing or updating extensions on the Firefox Add-ons site. This statement will be visible to users before installation, helping them make informed decisions about which extensions to trust. Mozilla's initiative aligns with broader industry trends emphasizing privacy and data protection, responding to increasing regulatory scrutiny and user demand for greater control over personal information. The new requirements are expected to reduce the risk of malicious or intrusive extensions compromising user security and improve overall ecosystem trust. Users are encouraged to review data collection disclosures carefully and report any suspicious behavior to Mozilla. This policy change marks a significant step forward in safeguarding Firefox users and promoting responsible extension development practices.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 24 Oct 2025 13:20:33 +0000


Cyber News related to Mozilla: New Firefox extensions must disclose data collection practices

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com
Mozilla: New Firefox extensions must disclose data collection practices - Mozilla has introduced a new policy requiring all Firefox browser extensions to disclose their data collection practices clearly. This move aims to enhance transparency and protect user privacy by ensuring that extension developers provide detailed ...
1 month ago Bleepingcomputer.com
Protecting User Privacy by Removing Personal Data from Data Broker Sites - As part of its new subscription service model, Mozilla Firefox is offering its users the possibility of finding and removing their personal and sensitive information from data brokers across the internet. To eliminate their phone numbers, e-mail, ...
1 year ago Cysecurity.news
Over 6 Million Chrome Extensions Can Execute Remote Commands on Users’ Browsers - A major security incident has come to light involving more than six million installations of Chrome browser extensions that secretly execute remote commands, track user activity, and potentially expose sensitive information. John Tuckner of secure ...
8 months ago Cybersecuritynews.com
Fake VPN Chrome extensions force-installed 1.5 million times - Three malicious Chrome extensions posing as VPN infected were downloaded 1.5 million times, acting as browser hijackers, cashback hack tools, and data stealers. According to ReasonLabs, which discovered the malicious extensions, they are spread via ...
2 years ago Bleepingcomputer.com
Mozilla warns users to update Firefox before certificate expires - Mozilla is warning Firefox users to update their browsers to the latest version to avoid facing disruption and security risks caused by the upcoming expiration of one of the company's root certificates. "On 14 March a root certificate (the ...
9 months ago Bleepingcomputer.com
Building a Sustainable Data Ecosystem - Finally, I outline future research and policy refinement directions, advocating for a collaborative and responsible approach to building a sustainable data ecosystem in generative AI. In recent years, generative AI has emerged as a transformative ...
1 year ago Feeds.dzone.com
Mozilla Extensions Now Disclose Data Collection Policies to Users - Mozilla has introduced a new requirement for all Firefox browser extensions to clearly disclose their data collection policies. This move aims to enhance transparency and user trust by informing users about what data is collected, how it is used, and ...
1 month ago Cybersecuritynews.com
Business Data Privacy Laws: Compliance and Beyond - Governments worldwide have implemented strict data privacy laws to protect individuals' information in the face of increasing cyber threats and data breaches. Let's dive into the world of business data privacy laws as we navigate the complexities of ...
1 year ago Securityzap.com
CVE-2025-31493 - Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `collection()` helper or `$kirby->collection()` method with a dynamic collection name (such ...
7 months ago
Google Takes Down Over 50,000 Instances of Malicious Chrome Extensions - Google recently took down over 50,000 Chrome browser extensions after discovering that they were involved in malicious activity. The malicious activity included advertising click fraud, downloading malware, and displaying adware. According to Google, ...
2 years ago Thehackernews.com
The zero-day that could've compromised every Cursor and Windsurf user - In a recent post Yomtom explains that while examining the build process behind OpenVSX, the open-source marketplace powering extensions for tools like Cursor, Windsurf, VSCodium, and others, he discovered a critical flaw. Dubbed VSXPloit: A single ...
5 months ago Bleepingcomputer.com
Majority of Browser Extensions Pose Critical Security Risk, A New Report Reveals - A new 2025 Enterprise Browser Extension Security Report, uniquely combining data from public extension marketplaces and real-world enterprise usage telemetry to spotlight this underestimated threat vector. Extensive Permissions to Sensitive ...
7 months ago Bleepingcomputer.com
Malicious Chrome VPN Extensions Installed 1.5M Times Browsers - In a recent cybersecurity revelation, a highly sophisticated cyber attack campaign has emerged, weaving a web of deceit through malicious web extensions cunningly disguised as VPNs. ReasonLabs, a cybersecurity firm, has discovered online piracy ...
1 year ago Cybersecuritynews.com
Mozilla adds paid-for data-deletion tier to Monitor service The Register - Mozilla on Tuesday expanded its free privacy-monitoring service with a paid-for tier called Mozilla Monitor Plus that will try to get data brokers to delete their copies of subscribers' personal information. Mozilla introduced Monitor in 2018 as a ...
1 year ago Go.theregister.com
Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers - Firefox has not stated how long this support will continue, but as long as there are powerful add-ons enhancing user privacy and security, Mozilla should continue to have strong reasons to extend support for Manifest V2. The latest announcement ...
9 months ago Bleepingcomputer.com
Fake Madgicx Plus and SocialMetrics Pro Chrome Extensions Found Stealing Facebook Credentials - Cybersecurity researchers have uncovered a new phishing campaign involving fake Chrome extensions named Madgicx Plus and SocialMetrics Pro. These malicious extensions are designed to steal Facebook credentials from unsuspecting users by mimicking ...
3 months ago Thehackernews.com
8 New Malicious Firefox Extensions Steal OAuth Tokens, Passwords, and Spy on Users - Security researchers from the Socket Threat Research Team have uncovered a sophisticated network of eight malicious Firefox browser extensions that actively steal OAuth tokens, passwords, and spy on users through deceptive tactics. The investigation ...
5 months ago Cybersecuritynews.com
Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape - Mozilla on Tuesday announced security updates for both Firefox and Thunderbird, to address 21 vulnerabilities, including several memory safety issues. Firefox 121 was released with patches for 18 vulnerabilities, five of which have a 'high' severity ...
2 years ago Securityweek.com CVE-2023-6856 CVE-2023-6135 CVE-2023-6865 CVE-2023-6873 CVE-2023-6864
Developers Beware of Malicious VS Code Extension Apps With Million of Installations - Cybersecurity researchers have uncovered a disturbing campaign targeting software developers through malicious Visual Studio Code extensions that have collectively amassed millions of installations. These compromised extensions, masquerading as ...
8 months ago Cybersecuritynews.com
Mozilla Urging Users to Update Firefox, Else Add-ons Will Stop Working - The company stated in its support documentation that “not updating Firefox before the root certificate expires can expose you to significant security threats. iOS users are not impacted due to Firefox on Apple’s mobile platform utilizing ...
9 months ago Cybersecuritynews.com
East Texas hospital network can't receive ambulances because of potential cybersecurity incident - GetTime();if(!(u<=a&&d<=l throw new RangeError("Invalid interval");return r.inclusive?u<=l&&d<=a:ut||isNaN(t. Step):1;if(s<1||isNaN(s throw new RangeError("`options. Step):1;if(l<1||isNaN(l throw new RangeError("`options. GetTime()<=n throw new ...
2 years ago Cnn.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
2 years ago Feeds.dzone.com
Threat Actors May Abuse VS Code Extensions to Deliver Malware - Visual Studio Code (VS Code) extensions have become a popular tool for developers to enhance their coding environment. However, recent cybersecurity research highlights a growing threat where malicious actors exploit these extensions to deliver ...
1 month ago Cybersecuritynews.com
CVE-2006-1733 - Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)