Users of password management system LastPass can rest a bit easier today. The company quickly addressed a security bug that allowed malicious sites to access user logins.
What was the problem? The extension’s autofill function, which populated usernames and passwords when users visited the applicable website. LastPass would only examine part of a web address when determining whether to initiate the autofill function, and the software could be fooled if a URL included another language.
Since this issue was reported, LastPass updated all browser clients and assured users they don’t need to do anything else to stay safe.
To learn more, check out the video below from CNET: