Five hours after Firefox 3 was released, DVlabs alerted the public to a vulnerability that an anonymous researcher reported to them.

There seems to be a lot of fear from the Mozilla fans and prophesizing from the rest. This has definitely got the zealots attention.

Despite all the smoke, there are only four things can be sure of as of this date and time:

• This may not be Firefox specific but a social engineering exploit that any browser is vulnerable to. DV labs does say user interaction is a component. I didn't see any hard facts that another browser was immune although there were many implications.
• You will be safe if you are running NoScript and are using safe browsing habits.
• Money didn't triumph principle. The "researcher" didn't sell the code to "shady customers" as some headlines imply.
• Publicity wasn't the main motive. The "researcher" was anonymous and wont garnish any publicity as of yet.

So far, I haven't heard of any real "bug" besides the one sitting at the keyboard. But we wont really know until DV labs decides to divulge more information.

The best thing we can do here is keep safe (use NoScript and safe habits) and sit tight.