Mozilla has patched a zero-day exploit in late revisions to Firefox 72 and version 68 of the Android web browser. In a security advisory, the company said that it was made aware of "targeted attacks in the wild abusing this flaw."
Chinese security firm Qihoo 360 was credited with reporting the bug. ZDNet reports that the company tweeted about the attack and noted that it also affected Internet Explorer. The tweet was later deleted.
Firefox users are advised to update to desktop version 72.0.1 and mobile version 68.4.1 as soon as possible. You can download the Android version through APK Mirror.
Two other zero-day type confusion vulnerabilities in Firefox were exploited back in June in a coordinated assault against the staff of cybercurrency exchange Coinbase.