Bitwarden

Bitwarden flaw can let hackers steal passwords using iframes  Bitwarden's credentials autofill feature contains a risky behavior that could allow malicious iframes embedded in trusted websites to steal people's credentials and send them to an attacker. The issue was reported by analysts at Flashpoint, who said Bitwarden first learned of the problem in 2018 but chose to allow it to accommodate legitimate sites that use iframes. Although the auto-fill feature is disabled on Bitwarden by default, and the conditions to exploit it aren't abundant, Flashpoint says there…