Prosecutors with the U.S. Department of Justice dropped their case against a suspect who visited the dark web site child pornography site Playpen.

The way Firefox caches intermediate CA certificates could allow for the fingerprinting of users and the leakage of browsing details, a researcher warns.

Mozilla released a new version of Firefox on Wednesday to address a zero day vulnerability that was actively being exploited to de-anonymize Tor Browser users.

Mozilla addressed 29 vulnerabilities, three critical, when it released the latest iteration of its flagship browser, Firefox 50 on Tuesday.

Google announced Monday that it will distrust certificates issued by WoSign and StartCom when in it ships Chrome 56 in January 2017.

Martin Thomson, a Principle Engineer at Mozilla confirmed TLS 1.3 will be turned on by default in Firefox 52.

The Firefox browser will now deny TLS connections to servers using weak Diffie-Hellman keys.

Mozilla has proposed banning new SHA-1 certificates from Chinese Certificate Authority WoSign for one year after it accused the CA of back-dating the deprecated certs.

A remote code execution in Firefox caused by the expiration of certificate pins was patched by Mozilla in Firefox 49 and Firefox ESR 45.4.

Mozilla is expected tomorrow to patch a critical certificate pinning vulnerability in Firefox’s automated update process for extensions.