RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks

Discussion in 'malware problems & news' started by Rasheed187, Dec 5, 2024.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 18,178 | Location: The Netherlands
    A good reminder to use some form of anti-exploit (AE). I'm not sure if all AVs would be able to block this stuff. You need a tool that can block malicious process execution that is triggered by some browser exploit.

    On the other hand, it's not clear to me if this malware loads in-memory (or fileless) inside the browser process. If so, then process execution monitoring isn't enough. Then you need more advanced AE like MBAE or HMPA to stop the exploit at an earlier stage.

    https://thehackernews.com/2024/11/romcom-exploits-zero-day-firefox-and.html?m=1
     
  2. T-RHex

    T-RHex Registered Member

    Joined: Jun 10, 2009 | Posts: 256
    I wonder if Malwarebytes Browser Guard would've blocked this.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 18,178 | Location: The Netherlands
    I wouldn't bet on it, since I assume it only checks for known malicious websites.

    Like I said, it's better to rely on anti-exploit tools. They can't identify the malware itself (like most AVs), but they simply block the exploitation technique, or try to block malware from loading, by blocking unknown child processes from the browser for example.
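
The "block unknown child processes from the browser" idea discussed in this thread, sketched as detection logic over process-creation events. This is an added example, not part of any post and not any product's actual rule; the event field names, the browser watch list, the path markers and all sample events are assumptions constructed for illustration.

```python
import ntpath  # Windows path handling that works on any OS

# Assumed watch list of browser executables (not taken from the thread).
BROWSERS = {"firefox.exe", "chrome.exe", "msedge.exe"}
# Assumed markers for user-writable locations where dropped payloads often land.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\downloads\\")


def classify(event):
    """Return None for expected activity, else a severity: 'medium' or 'high'."""
    parent = ntpath.normcase(event["parent_image"])  # lowercases, normalises slashes
    child = ntpath.normcase(event["image"])
    if ntpath.basename(parent) not in BROWSERS:
        return None  # parent is not a watched browser
    install_dir = ntpath.dirname(parent)
    child_dir = ntpath.dirname(child)
    # Children living in the browser's own install directory (content
    # processes, updater, crash reporter) are treated as expected.
    if child_dir == install_dir or child_dir.startswith(install_dir + "\\"):
        return None
    # Anything else is unexpected; a user-writable location raises severity.
    if any(marker in child for marker in USER_WRITABLE):
        return "high"
    return "medium"  # e.g. a system shell, or a legitimate external handler


def scan(events):
    """Return (child image, severity) for every event that needs review."""
    return [(e["image"], sev) for e in events if (sev := classify(e))]


FF = r"C:\Program Files\Mozilla Firefox\firefox.exe"
# Constructed sample events, shaped like process-creation telemetry.
SAMPLE_EVENTS = [
    {"parent_image": FF, "image": FF},
    {"parent_image": FF, "image": r"C:\Program Files\Mozilla Firefox\updater.exe"},
    {"parent_image": FF,
     "image": r"C:\Users\alice\AppData\Local\Temp\update_helper.exe"},
    {"parent_image": FF, "image": r"C:\Windows\System32\cmd.exe"},
    {"parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Users\alice\Downloads\setup.exe"},
]

if __name__ == "__main__":
    for image, severity in scan(SAMPLE_EVENTS):
        print(f"[{severity}] browser spawned {image}")
```

A payload that stays in memory inside the browser process creates no process-creation event, so a rule like this never fires on it, which is the gap raised in the first post. Legitimate external handlers launched by the browser will show up as medium hits and need tuning.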
     