Metacurity

Share this post

Australian Firm Behind Passwordstate Compromised in Supply Chain Attack

metacurity.substack.com

Australian Firm Behind Passwordstate Compromised in Supply Chain Attack

AirDrop flaws can expose private information, Emotet was automatically wiped from infected computers, Data from 20 million BigBasket users compromised in a breach, DoD releases 175M IP addresses, more

Cynthia Brumfield
Apr 26, 2021
∙ Paid
1
Share
Share this post

Australian Firm Behind Passwordstate Compromised in Supply Chain Attack

metacurity.substack.com

Check out our special edition from yesterday on the death of hacking pioneer Dan Kaminsky at 42.

Click Studios, the Australian software firm behind password manager application Passwordstate, notified its 29,000 customers that an unknown threat actor compromised the update mechanism of Passwordstate.

According to press reports, the malware-laced update was live for 28 hours between April 20, 20:33 UTC and April 22, 00:30 UTC. Danish security firm CSIS said the app’s password cache was stolen. Click Studios told customers to change all the passwords they stored inside compromised Passwordstate password managers as soon as possible. (Catalin Cimpanu / The Record)

Related: Reddit - cybersecurity, Gizmodo, E Hacking News, Bleeping Computer, DataBreaches.net, SecureReading, Cyber Kendra, Ars Technica, Cyberscoop, TechCrunch, Bleeping Computer, ZDNet, IT Wire, Dark Reading, The Record, CSIS Group, Techradar, SecurityWeek, PCMag.com, SlashGear, Security Affairs, The Hacker News

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing