Widespread password supervisor plugins for net browsers have been discovered prone to clickjacking safety vulnerabilities that could possibly be exploited to steal account credentials, two-factor authentication (2FA) codes, and bank card particulars below sure circumstances.
The approach has been dubbed Doc Object Mannequin (DOM)-based extension clickjacking by impartial safety researcher Marek Tóth,
DOM-Primarily based Extension Clickjacking Exposes Widespread Password Managers to Credential and Knowledge Theft
