Pavlov Scope

Firefox has become the de facto browser for many Internet users due to its great feature set, extensibility, and generally higher security. A new phishing exploit against Firefox has generated a furious buzz on the Firefox bug page (bugzilla). The entry – found here – shows the details starting Nov. 12 of an "in the wild" attack against the Password Manager of Firefox. A user can be tricked into logging on to a page using the auto-populated credentials provided by Firefox and inadvertently disclose their ID and password to an attacker.
So far there is no patch for this flaw which would basically entail tightening up the verification mechanism prior to providing credentials to a page. Best advice at this time is to only log onto sites to which you directly visit (not sites you are redirected to). The nuances of this kind of attack make it difficult for the non-expert computer user to detect, so I sincerely hope we see a fix come from the Firefox community soon.