Password managers found leaking credentials through invisible overlays
A single click can trigger password leaks in top browser-based managers.
Several top password managers have been found vulnerable to a critical flaw that allows hackers to steal sensitive information with a single click.
Attackers can overlay invisible HTML elements on fake pop-ups, tricking password managers into autofilling credentials into malicious fields without the user's knowledge, which raises serious cybersecurity concerns.
Once triggered, attackers can access login credentials, two-factor authentication codes, and credit card information, which is then sent to a remote server. The flaw allows the malicious script to detect which password manager is active and adapt the attack accordingly.
Vendors were alerted in April and have begun issuing patches or workarounds. Until then, users are advised to disable autofill features and use manual copy-paste. Chromium-based browser users should also set extensions to activate only on click.
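As an added example, not code from the article or from any password manager, the check below shows the defensive logic a manager could apply before filling: refuse when the menu element that received the click, or the target field, sits under a near-transparent ancestor, is collapsed to nothing, or is covered by another element. The DOM APIs and element objects are constructed stand-ins passed in as parameters so the check runs outside a browser; the opacity threshold is an assumption.

```javascript
const MIN_OPACITY = 0.1; // assumed threshold: below this the element is effectively invisible
// True only if `el` is rendered where the user can see it. `dom` supplies
// getComputedStyle and elementFromPoint (window and document in a browser).
function isEffectivelyVisible(el, dom) {
  // A hidden or near-transparent ancestor hides the element too; that is how an
  // overlay is made invisible while still receiving the click.
  for (let node = el; node; node = node.parentElement) {
    const s = dom.getComputedStyle(node);
    if (s.display === 'none' || s.visibility === 'hidden') return false;
    if (parseFloat(s.opacity) < MIN_OPACITY) return false;
  }
  const r = el.getBoundingClientRect();
  if (r.width < 1 || r.height < 1) return false; // collapsed to nothing
  // Hit-test the centre: if another element is on top, the user saw that one.
  const top = dom.elementFromPoint(r.left + r.width / 2, r.top + r.height / 2);
  return top === el || (top !== null && el.contains(top));
}

// Fill only when both the menu that took the click and the target are visible.
function shouldAutofill(menuEl, fieldEl, dom) {
  return isEffectivelyVisible(menuEl, dom) && isEffectivelyVisible(fieldEl, dom);
}

// --- Constructed stand-ins for DOM nodes so this runs outside a browser ---
function makeEl(style, rect, parent = null) {
  const el = { style, rect, parentElement: parent };
  el.getBoundingClientRect = () => el.rect;
  el.contains = (o) => { for (let n = o; n; n = n.parentElement) if (n === el) return true; return false; };
  return el;
}
const shown = { display: 'block', visibility: 'visible', opacity: '1' };
const box = { left: 100, top: 100, width: 200, height: 30 };

function demo() {
  const page = makeEl(shown, { left: 0, top: 0, width: 1000, height: 1000 });
  const field = makeEl(shown, { ...box, top: 300 }, page);
  const menu = makeEl(shown, box, page);
  // Attack layout from the article: the same menu inside a transparent wrapper
  // stacked over a fake consent pop-up the user believes they are clicking.
  const wrapper = makeEl({ ...shown, opacity: '0' }, box, page);
  const hiddenMenu = makeEl(shown, box, wrapper);
  const banner = makeEl(shown, { ...box, top: 300 }, page); // covers the field
  const dom = (onMenu, onField) => ({
    getComputedStyle: (e) => e.style,
    elementFromPoint: (x, y) => (y < 200 ? onMenu : onField),
  });
  return {
    honest: shouldAutofill(menu, field, dom(menu, field)),                     // true
    invisibleOverlay: shouldAutofill(hiddenMenu, field, dom(hiddenMenu, field)), // false
    occludedField: shouldAutofill(menu, field, dom(menu, banner)),             // false
  };
}
```

In a real extension the same function would be called with `window.getComputedStyle` and `document.elementFromPoint` on the live nodes; the opacity walk is what catches the transparent-overlay layout the article describes, while the hit-test catches a target covered by something else.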