LastPass, Bitwarden users targeted with fake security alerts
ID: 98c5b6d8-4c60-57a3-9ee9-11839d55a461
STIX ID: report--98c5b6d8-4c60-57a3-9ee9-11839d55a461
Feed Name: Bleeping Computer
A phishing campaign is targeting LastPass and Bitwarden users with fake security notices sent from addresses like [email protected] and [email protected], redirecting victims to impersonated DocuSign sites (e.g., lastpasscompliance.com, bitwardencompliance.com) that prompt downloads and may harvest credentials. LastPass confirms its infrastructure was not compromised, the malicious sites have been taken offline, and users who entered credentials should change their master passwords and report suspicious communications.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
