Cybersecurity startup Aisle discovered a subtle but dangerous coding error in a Firefox WebAssembly implementation sat undetected for six months despite being shipped with a regression testing capability created by Mozilla to find such a problem.

The post Undetected Firefox WebAssembly Flaw Put 180 Million Users at Risk appeared first on Security Boulevard.

Airbus has entered the final phase of its unprecedented global retrofit effort, confirming that fewer than 100 A320s in service still require updates after the discovery of a software vulnerability that triggered the largest emergency recall the manufacturer has ever executed. The company disclosed on Monday that nearly the entire A320-family fleet, about 6,000 aircraft worldwide, has now received the mandated modification. 

Origins of the Airbus Recall and Early Regulatory Response

The action followed a recent mid-air incident involving a JetBlue A320 in which the aircraft experienced a sudden altitude drop. Investigators later identified that intense solar flares may have compromised data essential to the jet’s flight-control functions, exposing a software vulnerability in the system managing the aircraft’s nose-angle performance. The incident alarmed regulators around the world and quickly led to mandatory retrofit orders across the global fleet of A320s.  Airbus moved quickly, implementing what it described as a “precautionary fleet action” and issuing an eight-page safety alert that initiated immediate groundings. The timing created operational chaos for many carriers, particularly in the United States, where the rush to complete the required updates collided with the heavy travel surge over the Thanksgiving weekend. Airlines from Asia to South America were compelled to take aircraft out of service with little warning as the scale of the issue emerged.  Sources familiar with the internal decision-making reported that the recall was initiated shortly after engineers drew a potential connection between the JetBlue event and the flawed software logic. The findings pointed to how solar radiation could corrupt flight-control data, prompting Airbus to request urgent repairs before allowing affected aircraft back into rotation.

Operational Disruptions Across Airlines Worldwide

The consequences were immediate for operators. Avianca, based in Colombia, suspended new bookings until December 8 in order to manage the grounding of its impacted A320s. Finnair and other carriers were forced to inspect their fleets on one aircraft at a time because Airbus’s initial alert did not list specific serial numbers, complicating efforts to determine which jets required urgent attention.  Airbus detailed the nature of the issue in a formal statement: “Analysis of a recent event involving an A320 Family aircraft has revealed that intense solar radiation may corrupt data critical to the functioning of flight controls. Airbus has consequently identified a significant number of A320 Family aircraft currently in-service which may be impacted.”  The company added that it worked “proactively with the aviation authorities” to implement available software and hardware protections, acknowledging the operational disruptions and apologizing to passengers while emphasizing that safety remains its “number one and overriding priority.” 

Implementing the Fix and Remaining Challenges

The mandated fix itself was relatively straightforward but required precise execution. Technicians reverted affected A320s to an earlier version of the software governing the aircraft’s nose-angle system. This involved uploading the legacy software through a data-loader device brought directly into the cockpit, a measure designed to prevent cyber interference. While the installation process was simple in principle, each aircraft had to be updated individually, creating workload bottlenecks for carriers with large fleets.  Airlines also faced an unexpected hurdle: a shortage of data loaders. One industry executive noted privately that some operators had only a handful of these devices on hand, slowing the pace of updates during a period when hundreds of A320s required immediate attention. In addition, an unspecified number of older aircraft will ultimately need full computer replacements rather than software changes, adding another layer of complexity for maintenance teams.  Even with these challenges, the majority of the fleet has now been restored to service, marking good progress just days after regulators issued their emergency directives. With fewer than 100 jets awaiting updates, Airbus appears close to closing one of the most disruptive safety events ever to affect the A320 family, an episode that reshaped holiday travel plans worldwide and highlighted the unexpected risks posed by solar radiation on modern aircraft systems. 

A cybersecurity incident at Eurofiber France was officially confirmed after the company identified unauthorized activity on November 13, 2025. The incident involved a software vulnerability that allowed a malicious actor to access data from Eurofiber France’s ticket management platform and the ATE customer portal. According to the company, the situation is now under control, with systems secured and additional protective measures implemented.

Cybersecurity Incident Impacted Ticketing Platform and ATE Portal

Eurofiber France stated that the cybersecurity incident affected its central ticket management platform used by regional brands Eurafibre, FullSave, Netiwan, and Avelia. It also impacted the ATE portal, part of Eurofiber France’s cloud services operating under the Eurofiber Cloud Infra France brand. The company confirmed that the attacker exploited a software vulnerability in this shared environment, leading to the exfiltration of customer-related data. The company emphasized that the incident is limited to customers in France using the affected platforms. Customers using Eurofiber services in Belgium, Germany, or the Netherlands, including Eurofiber Cloud Infra in the Netherlands, were not impacted. Eurofiber also noted that the effect on indirect sales and wholesale partners within France remains minimal, as most partners operate on separate systems.

Immediate Response and Containment Measures

Within hours of detecting the breach, Eurofiber France placed both the ticketing platform and the ATE portal under reinforced security. The vulnerability was patched, and additional layers of protection were deployed. The company said its internal teams, working alongside external cybersecurity experts, are now focused on assisting customers in assessing and managing the impact. Eurofiber clarified that no sensitive financial information, such as bank details or regulated critical data stored in other systems, was compromised. All services remained fully operational during the attack, and there was no disruption to customer connectivity or service availability. Customers were notified immediately after the breach was detected. Eurofiber stated it would continue to update affected organizations transparently as the investigation progresses.

Regulatory Notifications and Ongoing Investigation

In line with European regulatory requirements, Eurofiber France has notified the CNIL (France’s Data Protection Authority under GDPR) and reported the incident to ANSSI (the French National Cybersecurity Agency). A police complaint has also been filed in connection with an extortion attempt linked to the attack. The company reaffirmed its commitment to transparency, data protection, and cybersecurity throughout the remediation process.

External Research Points to Larger Data Exposure

International Cyber Digest, a third-party cybersecurity research group, reported that the breach may have exposed information belonging to approximately 3,600 customers. According to their analysis, the threat actor — who identifies as “ByteToBreach” — gained full access to Eurofiber’s GLPI database, including client data, support tickets, internal messages, passwords, and API keys. Researchers noted that Eurofiber’s GLPI installation may have been operating on versions 10.0.7–10.0.14, potentially outdated and vulnerable. The attacker, in comments shared with the researchers, claimed to have executed a slow, time-based SQL injection attack and extracted nearly 10,000 password hashes over a period of 10 days. They reportedly used administrator-level API keys to download internal documents and customer PII. ByteToBreach also claimed to have contacted both GLPI’s developer, Teclib, and Eurofiber to negotiate ransom demands. According to the research group, those attempts received no response. Eurofiber France operates over 76,000 kilometers of fiber network and 11 data centers, serving between 9,000 and 12,000 business and government customers. The company’s French clientele includes several major public institutions and private-sector organizations. Eurofiber France reiterated that all systems have now been secured and that enhanced monitoring and preventive measures are in place. The company said its teams remain fully mobilized until the cybersecurity incident is completely resolved.