Pulse: Firefox and Tor Browser zero-days exploited to target attacks in Europe and North America
TLP: WHITE | Tag: RomCom | Author: AlienVault | Created: 2024-11-27 | Modified: 2024-12-04
Indicators of Compromise: 3 (low volume)
The Russian cybercrime group RomCom exploited two zero-day vulnerabilities in Firefox and Tor Browser to attack users across Europe and North America. The first vulnerability (CVE-2024-9680) is a use-after-free bug in Firefox's Animation Timelines feature that can lead to code execution. The second (CVE-2024-49039) is a privilege escalation flaw in the Windows Task Scheduler. RomCom chained the two so that a victim who merely visited an attacker-controlled website was compromised with no further interaction. The attacks occurred between October 10-16, 2024 and targeted up to 250 victims per country. RomCom used the exploits to deliver its custom backdoor malware.
MITRE ATT&CK & Malware Families
ATT&CK techniques: none listed
Malware families: RomCom backdoor
Indicators of Compromise (3)
TYPE     INDICATOR          DESCRIPTION   CREATED
domain   correctiv.sbs      -             2024-11-27
domain   cwise.store        -             2024-11-27
domain   journalctd.live    -             2024-11-27