Aura, a government-owned tech company, has discovered what it is calling a "very big" software flaw in the Mozilla Firefox and Google Chrome web browsers. The bug was discovered by Alex Nikolova, a security analyst based in the company's Wellington office, and at the time of discovery had affected up to one in 10 browsers worldwide, or more than 300 million users. Nikolova first found the vulnerability in February and notified Mozilla and Google (the two companies who develop the web browsers). Both Google and Mozilla requested Nikolova not to speak publicly about the discovery until the software bug was "patched" last month. The bug was addressed in a security update "within days" according to Aura general manager Peter Bailey, with the latest version of Firefox (version 66) no longer exploitable. The company says there is no evidence to suggest malicious hackers had discovered or exploited the hole in the software before the NZ-based team identified it.