LastPass Warns of Fake Maintenance Messages Targeting Users' Master Passwords

LastPass is alerting users to a new active phishing campaign that's impersonating the password management service, which aims to trick users into giving up their master passwords. The campaign, which began on or around January 19, 2026, involves sending phishing emails claiming upcoming maintenan...

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

The encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs. The blockchain intelligence firm said...

Linux Distros Unpatched Vulnerability : CVE-2017-8296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kedpm 0.5 and 1.0 creates a history file in /.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written ther...

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

A proof-of-concept PoC has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux,...

KeePass 安全漏洞

KeePass is an open source password manager. A security vulnerability exists in version 2.x prior to KeePass 2.54 that stems from the ability to recover plaintext master passwords from a memory dump even if the workspace is locked or no longer running...

Hackers Breach LastPass Developer System to Steal Source Code

Password management service LastPass confirmed a security incident that resulted in the theft of certain source code and technical information. The security breach is said to have occurred two weeks ago, targeting its development environment. No customer data or encrypted passwords were accessed,...

Severe flaws in password managers let hackers extract clear-text passwords

By Waqas Password Managers aren’t as secure as you might assume - Security researchers claim that hackers can steal master passwords in PC memory. Password managers are considered as one of the most suitable options when it comes to keeping your online credentials safe from being hijacked and...

CVE-2017-8296

kedpm 0.5 and 1.0 creates a history file in /.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password...

LastPass Forces Users to Change Master Passwords Following Suspicious Activity

LastPass, one of the most popular cloud-based password management services, is forcing users to change their master passwords as a precaution after it discovered an unauthorized data transfer out of its network. In a post on its blog the company explains, in sufficient detail, what prompted this...