SoylentNews

An Anonymous Coward writes:

A company that sells exploits to government agencies drops Tor Browser zero-day [zdnet.com] on Twitter after recent Tor Browser update renders exploit less valuable.

Zerodium, a company that buys and sells vulnerabilities in popular software, has published details today on Twitter about a zero-day vulnerability in the Tor Browser, a Firefox-based browser used by privacy-conscious users for navigating the web through the anonymity provided by the Tor network.

In a tweet, Zerodium said the vulnerability is a full bypass of the "Safest" security level of the NoScript extension that's included by default with all Tor Browser distributions.

Original Submission