VERY IMPORTANT

Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to patch an actively exploited and critical severity vulnerability which could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions. On Monday, Coinbase detected & blocked an attempt by an attacker to leverage the reported 0-day, along with a separate 0-day firefox sandbox escape, to target Coinbase employees. They have generously shared the indicators. Please see the reference for full context from Philip Martin (@SecurityGuyPhil) with additional actor details from FireEye's Nick Carr.