Still using the default password that came with that nice broadband router you installed at home? Time to get off your butt and change it: visiting the wrong website is enough to have key settings changed on the most popular models.
Firefox cookie-stealing vulnerability
A new zero-day vulnerability in Mozilla Firefox allows malicious web sites to forge authentication cookies for certain web sites.
The problem lies in the way Firefox handles writes to 'location.hostname' DOM property, says Michal Zalewski, an independent security researcher.
According to Zalewski, it is possible for a malicious script to set the value of the hostname property that would not be accepted as a hostname when parsing a regular URL.