03 Dec, 2024

Fake Bitwarden ads on Facebook push info-stealing Chrome extension

Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. Bitwarden is a popular password manager app with a “free” tier featuring end-to-end encryption, cross-platform support, MFA integration, and a user-friendly interface. Its user base has been growing steadily in the […]

2 mins read

LastPass warns of fake support centers trying to steal customer data

LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by GeekFeed. LastPass is a popular password […]

3 mins read

Fake password manager coding test used to hack Python developers

Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware. The attacks are part of the ‘VMConnect campaign’ first detected in August 2023, where the threat actors targeted software developers with malicious Python packages uploaded onto the PyPI repository. According […]

3 mins read

Google fixes Chrome Password Manager bug that hides credentials

Google has fixed a bug in Chrome’s Password Manager that caused user credentials to disappear temporarily for more than 18 hours. The outage began on Wednesday, affecting users worldwide who rely on Chrome’s built-in tool to store and autofill their passwords. In a Google Workspace incident report, the company says the issue affected approximately 2% of […]

2 mins read