Security News > 2017 > March > LastPass extensions can be made to cough up passwords, deliver malware (Help Net Security)

LastPass Chrome and Firefox extensions contain flaws that could allow malicious websites to steal victims’ passwords or execute commands on their computer. The flaws were discovered by Google Project Zero researcher Tavis Ormandy, and responsibly disclosed to LastPass. But while the company has pushed out what seems to be a slapdash and incomplete fix in the latest version of the Chrome extension (4.1.42, dated March 14, 2017), a fixed version of the Firefox plug-in has … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/ZIosPffk5EA/