Password exfiltration possible with Bitwarden vulnerability

March 9, 2023, 7:51 p.m. | SC Staff

SC Magazine feed for Strategy www.scmagazine.com

BleepingComputer reports that password management service Bitwarden has a vulnerability within its web extension's credentials autofill functionality, which could be exploited to enable credential theft via website-embedded iframes.

autofill bitwarden bleepingcomputer credential credentials credential theft data security embedded enable exfiltration exploited extension iframes management password password management reports service theft vulnerability vulnerability management web website

Visit resource

More from www.scmagazine.com / SC Magazine feed for Strategy

Smoke and (screen) mirrors: A strange signed backdoor 18 hours ago | www.scmagazine.com

backdoor masquerading network security ops +6

Attackers evade detection by leveraging Microsoft Graph API 19 hours ago | www.scmagazine.com

api api security application security attackers +14

Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration 1 day ago | www.scmagazine.com

cloud cloud security collaboration customers +10

US arrests ex-cyber consultant accused of IT firm extortion 1 day ago | www.scmagazine.com

address arrest arrests bleepingcomputer +21

Accelerated patching found with CISA KEV catalog-listed flaws 1 day ago | www.scmagazine.com

agency catalog cisa cisa kev +24

Path traversal vulnerability elimination in software sought by feds 1 day ago | www.scmagazine.com

agency bleepingcomputer cybersecurity devsecops +17

New AI security bill unveiled in Senate 1 day ago | www.scmagazine.com

act ai act aiml ai security +14

Data breach impacts Airsoft community site 1 day ago | www.scmagazine.com

breach cloud cloud storage community +19

Details on 2021 Chemonics hack remain scant 1 day ago | www.scmagazine.com

agency compromised critical-infrastructure-security cyberattack +11

QA Customer Response Engineer

@ ORBCOMM | Sterling, VA Office, Sterling, VA, US

View on infosec-jobs.com

Enterprise Security Architect

@ Booz Allen Hamilton | USA, TX, San Antonio (3133 General Hudnell Dr) Client Site

View on infosec-jobs.com

DoD SkillBridge - Systems Security Engineer (Active Duty Military Only)

@ Sierra Nevada Corporation | Dayton, OH - OH OD1

View on infosec-jobs.com

Senior Development Security Analyst (REMOTE)

@ Oracle | United States

View on infosec-jobs.com

Software Engineer - Network Security

@ Cloudflare, Inc. | Remote

View on infosec-jobs.com

Software Engineer, Cryptography Services

@ Robinhood | Toronto, ON

View on infosec-jobs.com

View more jobs

all InfoSec news

Password exfiltration possible with Bitwarden vulnerability

More from www.scmagazine.com / SC Magazine feed for Strategy

Jobs in InfoSec / Cybersecurity

QA Customer Response Engineer

Enterprise Security Architect

DoD SkillBridge - Systems Security Engineer (Active Duty Military Only)

Senior Development Security Analyst (REMOTE)

Software Engineer - Network Security

Software Engineer, Cryptography Services