InfoSec News Nuggets 12/15/2023

How worried should we be about the “AutoSpill” credential leak in Android password managers?  By now, you’ve probably heard about a vulnerability named AutoSpill, which can leak credentials from any of the seven leading password managers for Android. The threat it poses is real, but it’s also more limited and easier to contain than much of the coverage to date has recognized. This FAQ dives into the many nuances that make AutoSpill hard for most people (yours truly included)…
Read More