Bitwarden Password Manager Flaw Let Attackers Steal Credentials


The Flashpoint Vulnerability Research team observed that Bitwarden, a well-known password manager browser extension, treated embedded iframes on web pages in an unusual way. 

Insecure behavior in Bitwarden’s credentials autofill feature makes it possible for malicious iframes embedded on reliable websites to take advantage of users’ credentials and pass them to an attacker.

The