Mozilla engineers have revealed that their bug tracking application was compromised, and an unknown attacker had used a privileged account which had access to sensitive information about unpatched Firefox vulnerabilities.
According to the foundation's security disclosure, they confirmed the attacker had access to the bug tracker since September 2014, but they suspect access goes back even further, to September 2013. Mozilla security experts blame this incident on one of its users that had reused the bug tracker's password on another site, which was later hacked. The company's bug tracker, which is named Bugzilla and is also available as open source, is the instrument which the foundation uses to track problems with its software.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland