24h ago

Zero-Day Vulnerability allow attackers to steal users data Found in Password Managers( 1Password, Bitwarden, LastPass, Enpass, iCloud Passwords, and LogMeOnce remain unpatched— still vulnerable)

DOM-based Extension Clickjacking: Your Password Manager Data at Risk

cross-posted from: https://programming.dev/post/36006277

Independent verification and publication by Socket Security.
Fixed: NordPass, ProtonPass, RoboForm, Dashlane, Keeper
Still vulnerable: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce

Technology @programming.dev

Pro @programming.dev

24h ago

Zero-Day Vulnerability allow attackers to steal users data Found in Password Managers( 1Password, Bitwarden, LastPass, Enpass, iCloud Passwords, and LogMeOnce remain unpatched— still vulnerable)

marektoth.com /blog/dom-based-extension-clickjacking/