If you use Mozilla Firefox or Thunderbird then this news is very important for you. CERT-In, the cyber security agency of the Government of India, has issued a high risk security alert regarding these platforms. Many serious flaws have been found, taking advantage of which hackers can steal users' data. Users using older versions are said to be at greater risk. The government has advised to install the latest updates immediately.
Government cyber agency CERT-In has revealed several vulnerabilities related to Mozilla Firefox and Thunderbird in the security bulletin of January 2026. According to the agency, these flaws fall in the high severity category. If they are misused, even a remote attacker can attack the user's system. In the last few weeks, Android and Apple users have also received such alerts. Now this new warning has been issued regarding browser users. This may affect millions of users.
According to the report, technical flaws have been found in components like anti-tracking, layout scrolling and overflow of Firefox. A risk of data exfiltration from partially encrypted email content has been reported in Thunderbird. The attacker can trick the user into opening a specific link or web request. As soon as the user opens that link, sensitive information can be extracted from the system. This may include passwords, personal data and browsing information. In some cases the system may even crash.
According to CERT-In and Mozilla, users using versions of Firefox older than 147.0.2 are at risk. Similarly, versions of Thunderbird older than 140.7.1 and 147.0.1 are also considered unsafe. Those users who have not been updating their browser for a long time, they need to take the first step. The vulnerabilities present in the old version are now more vulnerable to attack. Mozilla has released a new security patch to fix these problems. This danger is reduced to a great extent in the latest version.
To stay safe, you should immediately update Firefox and Thunderbird to the latest version. Mobile users can update from Play Store or App Store. Computer users can install the new update by going to the About Firefox section in the browser settings. CERT-In has also said that do not click on the links sent by unknown people. Avoid installing apps or extensions from any third party source. A little caution can prevent big cyber losses.
