The RomCom cyber threat group exploited zero-day vulnerabilities (CVE-2024-9680 and CVE-2024-49039) in Mozilla Firefox and Windows to deploy their backdoor. The vulnerabilities allowed zero-click exploitation, delivering payloads without user interaction. Fake websites were used to target victims worldwide, mainly in Europe and North America. The backdoor provided attackers with complete system control.