LastPass is a organization tracked across 21 threat clusters and 48 intelligence report mentions on ThreatCluster. First observed December 11, 2025; most recent activity July 14, 2026.
Active exploitation of two critical vulnerabilities has been reported: CVE-2026-20230 in Cisco Unified CM and CVE-2026-20971 in Samsung KNOX. The Cisco flaw, a server-side request forgery (SSRF), poses an immediate…
In 2026, significant cybersecurity incidents have emerged, including a data breach at the US Social Security Administration (SSA) linked to the Department of Government Efficiency (DOGE) led by Elon Musk. Reports…
On June 11, 2026, international law enforcement agencies, including the U.S. Secret Service and Europol, announced the dismantling of the AudiA6 cryptocurrency laundering network, which laundered over $389 million from…
LastPass has been fined £1.2 million ($1.6 million) by the UK's Information Commissioner's Office (ICO) for a data breach in 2022 that affected up to 1.6 million UK users. The breach occurred in two parts, with the…
A phishing campaign is targeting LastPass and Bitwarden users through fraudulent emails that mimic legitimate security notifications. These emails, sent from spoofed domains like lastpassnewsletter.com, claim to inform…
The ShinyHunters extortion gang has claimed responsibility for a series of voice phishing attacks targeting single sign-on (SSO) accounts at major platforms including Okta, Microsoft, and Google. In these attacks,…
The UK's Information Commissioner's Office has fined LastPass £1.2 million due to a data breach that affected 1.6 million individuals. The breach resulted from LastPass's failure to implement adequate technical and…
A class-action lawsuit settlement of USD $3 million has been approved for Canadians affected by the LastPass data breach that occurred in 2022. The breach involved unauthorized access to user accounts, with over 1.1…
The NHS GP software supplier DXS has been hit by a cyber attack, with the ransomware group DevMan claiming to have stolen 300 gigabytes of data. In response, DXS has engaged a cybersecurity firm to investigate the…
Researchers from ETH Zurich and Università della Svizzera italiana identified vulnerabilities in four cloud-based password managers: Bitwarden, LastPass, Dashlane, and 1Password. These flaws could allow attackers to…