LastPass Archives - Security Affairs

Pierluigi Paganini March 10, 2025

Feds seized $23 million in crypto stolen using keys from LastPass breaches

U.S. authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. U.S. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. Security researcher ZachXBT identified the victim […]

Pierluigi Paganini April 12, 2024

LastPass employee targeted via an audio deepfake call

Crooks targeted a LastPass employee using deepfake technology to impersonate the company’s CEO in a fraudulent scheme. In a fraudulent scheme, criminals used deepfake technology to impersonate LastPass ‘s CEO, targeting an employee of the company. The attack occurred this week, but the employed recognized the attack and the attempt failed. According to the password […]

Pierluigi Paganini March 13, 2023

CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog

US CISA added remote code execution vulnerability in Plex Media Server to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) vulnerability in the Plex Media Server, tracked as CVE-2020-5741 (CVSS score: 7.2), to its Known Exploited Vulnerabilities Catalog. The three-year-old high-severity flaw is a deserialization of […]

Pierluigi Paganini March 07, 2023

LastPass hack caused by an unpatched Plex software on an employee’s PC

The LastPass data breach was caused by the failure to update Plex on the home computer of one of the company updates. The security breach suffered by LastPass was caused by the failure to update Plex on the home computer of one of its engineers. Recently, the password management software firm disclosed a “second attack,” […]

Pierluigi Paganini February 27, 2023

LastPass: hackers breached the computer of a DevOps engineer in a second attack

Threat actors hacked the home computer of a DevOp engineer, they installed a keylogger as part of a sophisticated cyber attack. Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. Then the attackers […]

Pierluigi Paganini December 23, 2022

LastPass revealed that encrypted password vaults were stolen

The data breach suffered by LastPass in August 2022 may have been more severe than previously thought. In August password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development environment through a single compromised developer account and stole portions of source code and some proprietary technical information. […]

Pierluigi Paganini December 01, 2022

Lastpass discloses the second security breach this year

LastPass disclosed a new security breach, threat actors had access to its cloud storage using information stolen in the August 2022 breach. Password management solution LastPass disclosed a new security breach, the attackers had access to a third-party cloud storage service using information stolen in the August 2022 breach. The impacted cloud storage service is […]

Pierluigi Paganini September 17, 2022

LastPass revealed that intruders had internal access for four days during the August hack

The Password management solution LastPass revealed that the threat actors had access to its systems for four days during the August hack. Password management solution LastPass shared more details about the security breach that the company suffered in August 2022. The company revealed that the threat actor had access to its network for four days […]

Pierluigi Paganini August 25, 2022

LastPass data breach: threat actors stole a portion of source code

Password management software firm LastPass has suffered a data breach, threat actors have stole source code and other data. Password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development environment through a single compromised developer account and stole portions of source code and some proprietary technical […]

Pierluigi Paganini December 28, 2021

LastPass investigated recent reports of blocked login attempts

Password manager app LastPass confirmed that threat actors have launched a credential stuffing attack against its users. While LastPass says that it is not aware that some of its accounts were compromised in the recent credential stuffing attacks that started on Monday, numerous LastPass users claim that their master passwords have been compromised after receiving […]

LastPass

Feds seized $23 million in crypto stolen using keys from LastPass breaches

LastPass employee targeted via an audio deepfake call

CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog

LastPass hack caused by an unpatched Plex software on an employee’s PC

LastPass: hackers breached the computer of a DevOps engineer in a second attack

LastPass revealed that encrypted password vaults were stolen

Lastpass discloses the second security breach this year

LastPass revealed that intruders had internal access for four days during the August hack

LastPass data breach: threat actors stole a portion of source code

LastPass investigated recent reports of blocked login attempts

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

The U.S. House banned WhatsApp on government devices due to security concerns

QUICK LINKS

LastPass

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!