KeePass Disputes Recently Found Database Theft Vulnerability
A recent vulnerability in password manager KeyPass allows threat actors to get the entire database in plain text, which includes all names and passwords. To steal the information, the attackers need write access which is used to alter the KeePass XML configuration file and inject a malicious trigger that would export the database. KeePass dev team has disputed over this being classified as a vulnerability since having write access to the device allows information stealing in various ways. Read more...