Bitwarden Heist - How to Break Into Password Vaults Without Using Passwords
blog.redteam-pentesting.de
Sometimes, making particular security design decisions can have unexpected consequences. For security-critical software, such as password managers, this can easily lead to catastrophic failure: In this blog post, we show how Bitwarden’s Windows Hello …
  • trevor@lemmy.blahaj.zone
    1·
    10 months ago

    For anyone that doesn’t read beyond the headlines: the article mentions that this was a vulnerability that was responsibly disclosed in private and fixed in April 2023. As long as you’ve updated, this isn’t exploitable.