I received an email from Perplexity today with an interesting offer. Clicking through the provided link (not shown) reveals the specifics of the offer. If the unique link provided to me is used by someone I invite, and that person uses the Comet browser to ask Perplexity one question, I get $15. The person gets […]

Mozilla Firefox's new "Shake to Summarize" feature earned a spot on TIME's Best Inventions of 2025, allowing users to shake their phone to instantly summarize long web pages. Anthony Enzor-DeMeo, general manager of Firefox, calls it a "testament to the incredible work of our UX, design, product, and engineering teams who brought this innovation to life." Neowin reports: Shake to summarize works exactly how you suspect: you physically shake your phone to generate a summary of a long article. This can be quite handy if you are trying to get the gist of a long read without scrolling through the whole thing. Other ways to activate the feature include tapping the thunderbolt icon in the address bar and selecting "Summarize Page" from the three-dot menu. For now, the feature is limited to iOS users in the US with their system set to English, but Mozilla promises an Android version is in the works. If you have an iPhone 15 Pro or newer running iOS 26, Apple Intelligence generates the summaries on the device. For older iPhones or those on earlier iOS versions, the page text is sent to Mozilla's servers for processing. You can view the full list of TIME's "Special Mentions" here.

Read more of this story at Slashdot.

High-severity flaws were patched in Chrome’s WebGPU and Video components, and in Firefox’s Graphics and JavaScript Engine components.

The post Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities appeared first on SecurityWeek.

"We've decided to support image-based search," announced the product manager for Firefox Search. Powered by the AI-driven Google Lens search technology, they promise the new feature offers "a frictionless, fast, and a curiosity-sparking way to (as Google puts it) 'search what you see'." With just a right-click on any image, you'll be able to: - Find similar products, places, or objects - Copy, translate, or search text from images - Get inspiration for learning, travel, or shopping Look for the new "Search Image with Google Lens" option in your right-click menu (tagged with a NEW badge at first). This is a desktop-only feature, and it will start gradually rolling out worldwide. Note: Google must be set as your default search engine for this feature to appear. We'll be listening closely to your feedback as we roll it out. Some of the things we're wondering about: Does the placement in the context menu align with your expectations? Would you prefer the option to choose your visual search provider? Where else would you like entry points to visual search (e.g. when you open a new tab, in the address bar, on mobile devices, etc.) We can't wait to hear your thoughts as the rollout begins! Some thoughts from WebProNews: Mozilla emphasizes that this is an opt-in feature, giving users control over activation, which aligns with the company's longstanding commitment to privacy and user agency. Yet, for industry observers, this partnership with Google raises intriguing questions about competitive dynamics in the browser space, where Firefox has historically positioned itself as an independent alternative to Chrome... This move comes at a time when browsers are increasingly becoming platforms for AI-driven enhancements, as evidenced by recent updates in competitors like Microsoft's Edge, which integrates Copilot AI. Mozilla's decision to leverage Google Lens rather than developing an in-house solution could be seen as a pragmatic step to accelerate feature parity, especially given Firefox's smaller market share. Insiders note that by tapping into established technologies, Mozilla can focus resources on core strengths like privacy protections, potentially attracting users disillusioned with data-heavy ecosystems... While mobile users might feel left out, the phased rollout over the next few weeks allows for feedback loops through community channels, a hallmark of Mozilla's open-source ethos. Data from similar integrations in other browsers suggests visual search can boost engagement by 15-20%, per industry reports, though Mozilla has not disclosed specific metrics yet... Looking ahead, Mozilla's strategy appears geared toward incremental innovations that bolster user retention without alienating its privacy-focused base. If successful, this could help Firefox claw back some ground against Chrome's dominance, estimated at over 60% market share. For now, the feature's gradual deployment invites ongoing dialogue, underscoring Mozilla's community-driven model in an industry often criticized for top-down decisions.

Read more of this story at Slashdot.

Mozilla announced today that they will end 32-bit Linux support for Firefox in 2026, with version 144 being the last release and ESR 140 as the fallback option. Phoronix reports: Firefox has continued providing 32-bit Linux binaries even with most other web browsers and operating systems going all-in on x86_64 support. But given that 32-bit Linux support is waning by distributions and the vast majority of distributions aren't even shipping i686 install images anymore, they will be removing 32-bit Linux builds in 2026.

Read more of this story at Slashdot.

"Good news, everyone! The new version of Mozilla's browser now makes even more extensive use of AI," writes the Register, "providing summaries of linked content and offering developers the ability to add LLM support to extensions." Firefox 142 brings some visible shininess, but due to the combination of regional restrictions and Mozilla's progressive rollout system, not everybody can see all the features just yet... Not geofenced but subject to phased rollout are link previews, for various native-English-speaking regions. Hover over, long-press, or right-click a link and pick Preview Link, and a summary should appear. Mozilla's summary says: "Previews can optionally include AI-generated key points, which are processed on your device to protect your privacy." "Link Previews is gradually rolling out to ensure performance and quality," Firefox says in their release notes, "and is now available in en-US, en-CA, en-GB, en-AU for users with more than 3 GB of available RAM." (The notes also add a welcome for "the developers who contributed their first code change to Firefox in this release, 20 of whom were brand new volunteers!") The Register notes that Firefox 142 also gives developers the ability to add LLM support to extensions using wllama, a Wasm binding interfacing with llama.cpp, which lets you run Meta's Llama LLM and other models, locally or in the cloud.

Read more of this story at Slashdot.

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.

The sole zero-day flaw this month is CVE-2025-33053, a remote code execution flaw in the Windows implementation of WebDAV — an HTTP extension that lets users remotely manage files and directories on a server. While WebDAV isn’t enabled by default in Windows, its presence in legacy or specialized systems still makes it a relevant target, said Seth Hoyt, senior security engineer at Automox.

Adam Barnett, lead software engineer at Rapid7, said Microsoft’s advisory for CVE-2025-33053 does not mention that the Windows implementation of WebDAV is listed as deprecated since November 2023, which in practical terms means that the WebClient service no longer starts by default.

“The advisory also has attack complexity as low, which means that exploitation does not require preparation of the target environment in any way that is beyond the attacker’s control,” Barnett said. “Exploitation relies on the user clicking a malicious link. It’s not clear how an asset would be immediately vulnerable if the service isn’t running, but all versions of Windows receive a patch, including those released since the deprecation of WebClient, like Server 2025 and Windows 11 24H2.”

Microsoft warns that an “elevation of privilege” vulnerability in the Windows Server Message Block (SMB) client (CVE-2025-33073) is likely to be exploited, given that proof-of-concept code for this bug is now public. CVE-2025-33073 has a CVSS risk score of 8.8 (out of 10), and exploitation of the flaw leads to the attacker gaining “SYSTEM” level control over a vulnerable PC.

“What makes this especially dangerous is that no further user interaction is required after the initial connection—something attackers can often trigger without the user realizing it,” said Alex Vovk, co-founder and CEO of Action1. “Given the high privilege level and ease of exploitation, this flaw poses a significant risk to Windows environments. The scope of affected systems is extensive, as SMB is a core Windows protocol used for file and printer sharing and inter-process communication.”

Beyond these highlights, 10 of the vulnerabilities fixed this month were rated “critical” by Microsoft, including eight remote code execution flaws.

Notably absent from this month’s patch batch is a fix for a newly discovered weakness in Windows Server 2025 that allows attackers to act with the privileges of any user in Active Directory. The bug, dubbed “BadSuccessor,” was publicly disclosed by researchers at Akamai on May 21, and several public proof-of-concepts are now available. Tenable’s Satnam Narang said organizations that have at least one Windows Server 2025 domain controller should review permissions for principals and limit those permissions as much as possible.

Adobe has released updates for Acrobat Reader and six other products addressing at least 259 vulnerabilities, most of them in an update for Experience Manager. Mozilla Firefox and Google Chrome both recently released security updates that require a restart of the browser to take effect. The latest Chrome update fixes two zero-day exploits in the browser (CVE-2025-5419 and CVE-2025-4664).

For a detailed breakdown on the individual security updates released by Microsoft today, check out the Patch Tuesday roundup from the SANS Internet Storm Center. Action 1 has a breakdown of patches from Microsoft and a raft of other software vendors releasing fixes this month. As always, please back up your system and/or data before patching, and feel free to drop a note in the comments if you run into any problems applying these updates.

Brian King // On a recent webapp test, I got a little frustrated with all the extra HTTP requests showing up in my Burpsuite Proxy History from connections that Firefox […]

The post Towards a Quieter Firefox appeared first on Black Hills Information Security, Inc..