Monday 16 September 2019
Popular password manager LastPass has fixed a serious flaw in its latest update that potentially allowed a malicious website to access the last used credentials entered by the browser extension. The clickjacking bug was discovered by Google Project Zero researcher Tavis Ormandy on August 30, part of the white-hat hack group devoted to finding bugs in software, reports ZDNet. Clickjacking is what happens when a user is tricked into clicking something that’s disguised as a different element, thus accidentally revealing confidential information, or even take control. “To exploit this bug, a series of actions would need to be taken by…
This story continues at The Next Web
