On October 25, the development team said that in early June, Firefox discovered add-ons that were misusing the browser's proxy API, used by software to manage how the browser connects to the internet. 

Add-ons are software modules that can be installed to customize a user's browsing experience and may include anti-tracking software, ad blockers, themes, and utilities. 

However, they may also become a conduit for malicious purposes, such as data theft or eavesdropping, a challenge faced by all browser developers. 

According to Mozilla, the add-ons removed in the sweep tampered with the browser's update functionality; in particular, users were unable to download updates, access updated blocklists, or update remotely configured Firefox content. 

The add-ons have been blocked, and approval was temporarily paused for new add-on developer submissions when the proxy API was in use to create and deploy a fix. 

Firefox, starting with v.91.1, now also includes changes to harden the update process. A fallback mechanism to direct connections for update purposes and other "important requests" made by the browser has been implemented, allowing downloads to take place whether or not a proxy configuration causes connection issues. 

https://www.zdnet.com/article/mozilla-firefox-cracks-down-on-malicious-add-ons-used-by-455000-users/