Password Manager
Fake LastPass death claims used to breach password vaults
LastPass is warning customers of a phishing campaign sending emails with an access request to the password vault as part of a legacy inheritance process. The activity started in mid-October, and the domains and infrastructure used point to a financially motivated threat group called CryptoChameleon (UNC5356). CryptoChamemelon employs a phishing kit specializing in cryptocurrency theft, targeting multiple wallets […]
Passwordstate dev urges users to patch auth bypass vulnerability
Click Studios, the company behind the Passwordstate enterprise-grade password manager, has warned customers to patch a high-severity authentication bypass vulnerability as soon as possible. Passwordstate works as a secure password vault that enables organizations to store, organize, and control access to passwords, API keys, certificates, and various other types of credentials via a centralized web interface. […]
Major password managers can leak logins in clickjacking attacks
Six major password managers with tens of millions of users are currently vulnerable to unpatched clickjacking flaws that could allow attackers to steal account credentials, 2FA codes, and credit card details. Threat actors could exploit the security issues when victims visit a malicious page or websites vulnerable to cross-site scripting (XSS) or cache poisoning, where attackers […]
Fake KeePass password manager leads to ESXi ransomware attack
Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and ultimately, deploy ransomware on the breached network. WithSecure’s Threat Intelligence team discovered the campaign after they were brought in to investigate a ransomware attack. The researchers found that the attack […]
Bitwarden makes it harder to hack password vaults without MFA
Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to accounts. When a potentially suspicious login attempt is detected, like from an unrecognized device, the user will now prompted to confirm the action by entering a verification code […]
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. Bitwarden is a popular password manager app with a “free” tier featuring end-to-end encryption, cross-platform support, MFA integration, and a user-friendly interface. Its user base has been growing steadily in the […]
LastPass warns of fake support centers trying to steal customer data
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by GeekFeed. LastPass is a popular password […]
Fake password manager coding test used to hack Python developers
Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware. The attacks are part of the ‘VMConnect campaign’ first detected in August 2023, where the threat actors targeted software developers with malicious Python packages uploaded onto the PyPI repository. According […]
Google fixes Chrome Password Manager bug that hides credentials
Google has fixed a bug in Chrome’s Password Manager that caused user credentials to disappear temporarily for more than 18 hours. The outage began on Wednesday, affecting users worldwide who rely on Chrome’s built-in tool to store and autofill their passwords. In a Google Workspace incident report, the company says the issue affected approximately 2% of […]