Bitwarden flaw can let hackers steal passwords using iframes

Risky behaviour in Bitwarden’s credentials autofill feature could let malicious iframes placed on reliable websites capture users’ login information and transmit it to an attacker. Analysts at Flashpoint claimed Bitwarden initially became aware of the vulnerability in 2018 but decided to permit it in order to accommodate trustworthy websites that employ iframes.

Although Bitwarden’s auto-fill feature is deactivated by default and there aren’t many opportunities to exploit it, according to Flashpoint, there are still websites that fit the bill where motivated threat actors could try to take advantage of these loopholes.

Bitwarden flaw can let hackers steal passwords using iframes

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Bitwarden flaw can let hackers steal passwords using iframes

08-Mar-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address