To understand this in context, check out this recent LastPass blog post: https://news.ycombinator.com/item?id=8022543. One of these vulnerabilities (an insecure version of a bookmarklet) has been known to security researchers for about a year. Though LP claims that this is not serious, this article points out that there are much larger problems going on here. Comment from LP would be helpful.
1 comment
[ 4.2 ms ] story [ 15.4 ms ] thread