Your password manager isn’t as safe as you think
Researchers from ETH Zurich found serious vulnerabilities in Bitwarden, LastPass, and Dashlane — demonstrating attacks that could view and even modify stored passwords by spoofing server behavior during routine operations like logging in or syncing data. The root cause? These companies are still relying on cryptographic methods from the 1990s, partly because they're afraid that upgrading could lock existing customers out of their vaults. There's no evidence of active exploitation yet, but if you're choosing a password manager, the researchers recommend prioritizing ones with external audits, transparent disclosure, and end-to-end encryption enabled by default.