LastPass Confirms Credential Stuffing Attempts But Says No Accounts Have Been Compromised

Apache releases another Log4j version to fix a new flaw, T-Mobile suffered another, smaller data breach, Movie piracy app clones on Samsung store can infect phones with malware, much more

Password keeper LastPass confirmed that some of its users had been subject to credential stuffing attacks but said it had no indication that any accounts had been compromised or any LastPass credentials were harvested by malware, rogue browser extensions, or phishing campaigns.

A spokesperson for parent company LogMeIn said that it would continue to investigate what was causing automated security alert e-mails to be triggered from its systems. He also said that some of the security alerts sent to a limited subset of LastPass users were likely triggered in error. As a result, LastPass adjusted its security alert systems, and the issue has since been resolved. (Sergiu Gatlan / Bleeping Computer)

Related: Apple Insider, Android Police, Security News | Tech Times, Reddit, Gizmodo, LastPass, Reddit, Slashdot, iPhone in Canada Blog, The Verge, MobileSyrup.com, Ubergizmo, Input, Cyber Kendra, protocol, DataBreaches.net, Security Affairs, Silicon Angle, The Register - Security, The Record by R…