Six major password managers with tens of millions of users are currently vulnerable to unpatched clickjacking flaws that could allow attackers to steal account credentials, 2FA codes, and credit card details. […]
You must log in or # to comment.
Unmatched clickjacking flaws
This isn’t news. The “unpatched flaws” are in the browser extensions, and are due to the nature of browser extensions rather than the software the extension talks to, which means they can’t be patched.
If you want to mitigate your exposure to this, don’t use the browser extension - which has always been true.
I know you said just don’t use the extension, but I’m a dolt. Is there a safest alternative method of use for me? Like am I better off only using a pass manager app on my phone?