A critical Remote Code Execution (RCE) vulnerability in Mozilla Firefox was caused by a single-character typo in the SpiderMonkey JavaScript engine’s WebAssembly garbage collection code, where a developer mistakenly typed “&” (bitwise AND) instead of “|” (bitwise OR). Security researcher Erge discovered the flaw while examining the Firefox 149 Nightly source code for inspiration for […] The post Single-Character Typo of “&” Instead of “|” Leads to 0-Day RCE in Firefox appeared first on Cyber Security News.