Mozilla has announced on Friday that an attacker managed to access security-sensitive information about a considerable number of (at the time) unpatched Firefox vulnerabilities, and that there is evidence that at least one of them has been exploited in attacks in the wild. The breach didn’t happen because there is a critical vulnerability in Mozilla’s Bugzilla web-based bugtracker, but because the attacker managed to get hold of a privileged users’ account password, as the user re-used it on another website that has been breached.
