Jacob Kaplan-Moss

2 items tagged “lastpass”

📌 1225 - LastPass: global properties can be modified across isolated worlds, allowing remote code execution - project-zero - Monorail

Another Tavis/P0 password manager finding. Could affect other types of plugins, so if you write one, worth reading. Also worth reading through to see a good example of a researcher and vendor working closely to understand a complex issue and deploy a systemic fix. #

📌 TeamSIK – Password-Manager Apps

A bunch of vulnerabilities in password apps. for linkspam—call out themes: quick fixes (some teams), mobile browsers, others? #