SecurityWeek

Password Managers Vulnerable to Vault Compromise Under Malicious Server

Researchers at ETH Zurich have tested the security of Bitwarden, LastPass, Dashlane, and 1Password password managers.
The Hacker News

Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers

Academic study finds 25 attack methods in major cloud password managers exposing vault, recovery, and encryption design risks.

Passwords to passkeys: Staying ISO 27001 compliant in a passwordless era

Password-based authentication is increasingly risky as organizations adopt passkeys to strengthen security and meet ISO/IEC 27001 requirements. Passwork explains how to align passwordless adoption ...
Infosecurity Magazine

Vulnerabilities in Password Managers Allow Hackers to View and Change Passwords

A group of academic security researchers have detailed a set of vulnerabilities in four popular cloud-based password managers that could allow an attacker to view and change the passwords stored in a ...

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...