Sarah Gooding (@sarahgooding.bsky.social)

1Password, Bitwarden, LastPass, Enpass, iCloud Passwords, and LogMeOnce remain vulnerable to zero-day clickjacking vulnerabilities disclosed at DEF CON. Vendors downplayed or ignored the issue. Socket has filed a CVE to ensure these risks are formally tracked. socket.dev/blog/passwor...

loading . . .

Researcher Exposes Zero-Day Clickjacking Vulnerabilities in ... Hacker Demonstrates How Easy It Is To Steal Data From Popular Password Managers https://socket.dev/blog/password-manager-clickjacking