A Russian hacking group known as RomCom has been linked to the exploitation of two zero-day vulnerabilities in Mozilla Firefox and Windows operating systems. The vulnerabilities, identified as CVE-2024-9680 for Firefox and CVE-2024-49039 for Windows, were reportedly utilized in a widespread hacking campaign targeting users across Europe and North America. The Firefox flaw was patched on October 9, 2024, while the Windows vulnerability was addressed on November 12, 2024. Security researchers have noted that these exploits do not require user interaction, making them particularly dangerous. Additionally, the Matrix Botnet has been implicated in a separate campaign exploiting Internet of Things (IoT) devices, potentially affecting 35 million devices worldwide. This highlights the growing threat posed by IoT vulnerabilities in the cybersecurity landscape.