Yonke imikhiqizo Community Forum

Today, using Firefox--or at least what i think is Firefox--i checed session history while logged into my mega.nz account. It lists 2 instances, one of which is for 3 days prior when I originally set up the Mega account using the Mega app, and the other is for yesterday when I entered the account using the FF browser--or, again, what i think is the FF browser. What's curious is that it shows i was using the Chrome browser, and that I'm apparently still using this browser as it's listed as the "Current" session. How can this be? While I have the Chrome app on my phone, I disabled it long ago and have never used it, and most certainly did not use it during the time and activities in question. I have long speculated that I have been hacked and that my phone is sometimes (always?) controlled by this hacker, though no solid proof. Assuming the hacker uses Chrome, could this be reflecting their using the Chrome browser, as opposed to the FF browser, which I'm currently using (or think im using)? In other words, is this the proof of a hack? Or is this a glitch within Mega, mistakingly listing Chrome as my browser?

My account is hacked this is supposed to be a secure site that's why I downloaded it. They got extensions linked in here . They have a family account I'm not a parent I'm not a kid I'm a grown woman with a hacked phone they I can't get any help with insane . They make things to easy for hackers nothing is protect damn shame .

I have a problem with thunderbird. I can't fetch the certificate in my account settings, it seems it's not security approved. Normally when I type "fetch certificate" a window pops up asking me to confirm a security exception, but this function no longer works on thunderbird. Is there another way I can confirm the security exception?

Payment declined for Thunderbird: Free Your Inbox subscription

Google Play Your subscription will be cancelled UPDATE PAYMENT Hi k,

Your payment from Visa-xxxx was declined.

If you don't update your payment method, you'll lose all of the benefits provided by Valued Monthly Contribution (Thunderbird: Free Your Inbox). These benefits include the following:

   A monthly, voluntary contribution
   Enable us to build new features
   Help us take meaningful steps forward
   Contributions are not tax-deductible

To keep these benefits, you'll need to keep your subscription active. Update your payment method or use a different one.

SUMMARY Amount Due $10.73 Fix by Dec 26, 2025 UPDATE PAYMENT

Learn more

Thanks, The Google Play team See your Google Play Order History. View the Google Play Refund Policy and the Terms of Service.

Google LLC, 1600 Amphitheatre Pkwy, Mountain View, CA, 94043, United States

I received an email threatening to cancel Firefox because of inadequate usage. Is this for real or a scam? I do use Firefox but, perhaps not enough for Mozilla's rules? I would regret losing this privilege. Thanks.

I would like to know how the Firefox CVEs are affected on its version which are mentioned in NVD.

Let take mfsa2025-59, for example CVE-2025-8040, as per the NVD its says Firefox ESR < 140.1 is affected so does that mean it affect all the version which are lower than 140.1 which included the ESR 128 and ESR 115 versions or just the ESR 140 version series? then it raise on more question check this cve-2025-8029 in NVD it has specifically mentioned it only affect "Firefox ESR < 128.13, Firefox ESR < 140.1" and not the ESR 115 versions. Could anyone confirm it does not affect the ESR 115 versions or it affect all the versions? Now check this one cve-2025-8027, NVD clearly mentioned "Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1" are affected so what I understand is that if the Firefox ESR 115 is vulnerable to any CVE it would be mentioned in the NVD specifically.

My point is that if any Firefox CVEs are listed in NVD and it specify only one version like “Firefox ESR < 140.1” what does that mean? Does it affect all the versions which include ESR 128 and ESR 115 or just the ESR 140 series version only affected? If any CVEs are affected on the ESR 115 and ESR 128 does Mozilla specifically mentioned those versions are affected right? Just like its mentioned in the cve-2025-8027

Any help would be appreciated to clarify this.

I am working on a stig for Mozilla Firefox and I'm trying to do a scap compliance scan but or some reason I am getting a score of zero on all systems. We do patch regularly and at some point one of the version upgrades caused our compliance scans stopped working. I need a fix and cannot find anything when searching for this issue.

GNU nano 8.6 /etc/firefox/policies.json {

 "policies": {
   "DisableFirefoxStudies": true,
   "DisableTelemetry": true,
   "DisableSystemAddonUpdate": true

   "Preferences": {
     "app.normandy.enabled": false,
     "app.shield.optoutstudies.enabled": false,
     "extensions.autoDisableScopes": 15
    }
  }
} Hidden modifications to settings and extensions is absolutely not OK!!!!!!

This is a security environment.

I am logged on to my Credit Union and attempt to download my statements. When using Firefox I get the message: {"Errors":["Authorization has been denied for this request."]}

When I contacted my CU, they said to add an URL to the Manage Exceptions. This worked, but I want to know why Firefox needs this but Chrome doesn't.

Mozilla Thunderbird Email wants to access your Google Account

This will allow Mozilla Thunderbird Email to:

Read, compose, send, and permanently delete all your email from Gmail

See, edit, download, and permanently delete your contacts

See, edit, share, and permanently delete all the calendars you can access using Google Calendar

Mzila Fire Fox that has me perplexed. There is a line that reads, In part….. https://accounts.google.com/signin/oauth/legacy/consent? uthuser=0&part=AJi8hAO27SA1jp0smbnYjSww31z06r6NnelkFAEXAX1pRgQq_2fkoC2lI-Rs0mf3jYCnMSdoG2Gr9V6XDkmWlQydzTYpDy4U-OREnYRGiXK0wIrp32BEL1sC1QyzBm-ZzUFPi6sQw3DCq7hh-HL7ZEAw9QDzw22rmwU7DPjP1nMpdWenxE6fE4LwyjUnAobeE3RPLIWik4O3f5U4lSI1Hwj0AiWBCsLD-

When I opened my computer this morning, it said Firefox crashed. Yesterday, I was scammed by a scammer claiming to be from Microsoft who had me do many things on my computer to remove a virus that wasn't there. Instead, I suspect he may have access to my information now. So this morning after it said that Firefox had crashed, I asked to open a new Firefox session and things seemed to be normal. Please double check to make sure there is nothing wrong with my Firefox account and let me know. Thank You!

Any help would be appreciated,

i was about to add another account to TB and checked for cves first and saw this:  CVE-2025-11715

Ubunut is affected by it but there is no way to update my installed version to a stable release in the ubuntu software centre. I dont have the technical ability to know how to install directly from the website. Is it possible to know if people unable to update have been affected by the CVE and what to do if upgrades are not possible?

Thanks

Im new to thunderbird. Even though I have created a main password I find that I suddenly I can open the application and view accounts and even security info, without putting it in anyway. I press cancel and the application opens and I can see accounts.

I havent saved the password anywhere so its not automatically being filled in. Is this just for offline access? How can I tell if my accounts are secured and what my  offline/ online status is when using thunderbird?

Hallo,

(new information at the end)

in an effort to understand why one s/mime signed message I received could not be verified by Thunderbird (140.3.0esr (64-bit) on Ubuntu 24.04.3 LTS) (error 1041, "unknown problems with this digital signature"), but by all other clients I and others could check (including cli tools openssl, cmsutil), I did a few tests using my own certificate (using rsaEncryption, SHA256).

Inital observation: Messages signed with "openssl smime -sign -in msg.txt -to <email> -from <my-email> -subject test -signer mycert.pem -inkey mykey.pem -out signed.eml" and opened in Thunderbird showed error 1041. Any modifiers like -crlfeol, -text, -binary, ... did not make a difference.

Omitting signed attributes (-noattr) however helped. The signature was verified.

Further investigations now showed that the reason for that is a mismatch of the signing time in the signed attributes block with the RFC 5322 date in the header (or a missing date, which is the reason, the openssl smime output is rejected). If there is no match, Thunderbird shows a 1041 error (unknown problems with the signature).

However, I'm wondering whether such a test a reasonable. The standards don’t instruct MUAs to compare signingTime to the RFC 5322 Date. Flagging a mismatch is not required by spec and in my opinion adds little to no security value. The RFC date header can be easily modified and the signing time is openly readable.

Does anyone knows why it has been decided to test that?

So I keep getting this pop-up message from Norton, "Not seeing new emails in your email app?" Everything seems to work appropriately in Thunderbird. I'm getting new emails as I always have. The problem is as long as Thunderbird is open Norton keeps popping this stupid thing up every 10 or so minutes. Has anyone had this? Have you found a way to get Norton to realize everything is fine and stop popping up? It's like playing a game of wack a mole all day.