Data Protection

Password Managers Vulnerable to Data Theft via Clickjacking

A researcher has tested nearly a dozen password managers and found that they were all vulnerable to clickjacking attacks.

Password manager security

A researcher has tested nearly a dozen password managers and found that they were all vulnerable to clickjacking attacks that could lead to the theft of highly sensitive data.

The research was conducted by Marek Tóth and it was presented earlier this month at the DEF CON conference. The researcher has now also published a blog post detailing his findings.

The researcher targeted 1Password, Bitwarden, Dashlane, Enpass, Keeper, LastPass, LogMeOnce, NordPass, ProtonPass, RoboForm, and Apple’s iCloud Passwords, specifically their associated browser extensions. 

These browser extensions are very popular. An analysis by the researcher found that they have a total of nearly 40 million active installations, based on data from the official browser extension repositories for Chrome, Edge and Firefox. 

Clickjacking is an attack technique in which the attacker tricks the targeted user into clicking on hidden elements on a web page. The attacker sets up a website that contains malicious buttons or other elements that are transparent and placed on top of harmless-looking elements on the page. When the victim visits the attacker’s site and interacts with these harmless-looking elements, they are actually clicking on the malicious element, unknowingly carrying out dangerous actions. 

Tóth showed how an attacker can use DOM-based extension clickjacking and the autofill functionality of password managers to exfiltrate sensitive data stored by these applications, including personal data, usernames and passwords, passkeys, and payment card information. 

Advertisement. Scroll to continue reading.

The attacks demonstrated by the researcher require 0-5 clicks from the victim, with a majority requiring only one click on a harmless-looking element on the page. The single-click attacks often involved exploitation of XSS or other vulnerabilities. 

DOM, or Document Object Model, is an object tree created by the browser when it loads an HTML or XML web page. It enables JavaScript and other scripting languages to interact with and change the page, including hide elements, modify text, or add new content dynamically.

Tóth’s attack involves a malicious script that manipulates user interface elements injected by browser extensions into the DOM. “The principle is that a browser extension injects elements into the DOM, which an attacker can then make invisible using JavaScript,” he explained.

According to the researcher, some of the vendors have patched the vulnerabilities, but fixes have not been released for Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, and LogMeOnce. 

SecurityWeek has reached out to these companies for comment. Bitwarden said a fix for the vulnerability is being rolled out this week with version 2025.8.0. LogMeOnce said it’s aware of the findings and it has released a patch.

1Password and LastPass have shared additional context on the issue from the perspective of password manager developers. 

Jacob DePriest, CISO at 1Password, pointed out that clickjacking is a long-standing web attack technique that affects websites and browser extensions broadly. 

“Because the underlying issue lies in the way browsers render webpages, we believe there’s no comprehensive technical fix that browser extensions can deliver on their own,” DePriest told SecurityWeek.

“We take this and all security concerns seriously, and our approach to this particular risk is to focus on giving customers more control. 1Password already requires confirmation before autofilling payment information, and in our next release, we’re extending that protection so users can choose to enable confirmation alerts for other types of data. This helps users stay informed when autofill is happening and in control of their data,” he added.

Alex Cox, Director of Threat Intelligence, Mitigation, Escalation (TIME) at LastPass, also noted that Tóth’s research “highlights a broader challenge facing all password managers: striking the right balance between user experience and convenience, while also addressing evolving threat models.”

“LastPass has implemented certain clickjacking safeguards, including a pop-up notification that appears before auto-filling credit cards and personal details on all sites, and we’re committed to exploring ways to further protect users while continuing to preserve the experience our customers expect,” Cox explained. 

He added, “In the meantime, our [TIME] team encourages all users of password managers to remain vigilant, avoid interacting with suspicious overlays or pop-ups, and keep their LastPass extensions up to date.”

Related: Passkey Login Bypassed via WebAuthn Process Manipulation

Related: Major Enterprise AI Assistants Can Be Abused for Data Theft, Manipulation

Related Content

Vulnerabilities

Buffer overflow, DoS, command injection, SSRF, authentication bypass, and other types of vulnerabilities have been found in PAN-OS software.

Vulnerabilities

The privilege escalation vulnerability tracked as CVE-2026-50656 has been patched with a Microsoft Malware Protection Engine update.

Artificial Intelligence

Wiz has disclosed the details of a new AI coding assistant attack method it has dubbed GhostApproval.

Vulnerabilities

The security refresh resolves 13 use-after-free bugs, including two critical-severity flaws found by Google.

Vulnerabilities

Tracked as CVE-2026-11405, the vulnerability allows unauthenticated attackers to access a device's web management interface.

Artificial Intelligence

The "Rogue Agent" vulnerability could have enabled attackers to silently manipulate AI conversations, exfiltrate data, and compromise every Dialogflow CX agent within the same...

Artificial Intelligence

Researchers show how attackers can use a crafted public GitHub Issue to trick AI-powered workflows into exposing data from private repositories without authentication.

Vulnerabilities

Attackers are exploiting the critical Gitea vulnerability CVE-2026-20896 to bypass authentication with a single HTTP header and access vulnerable repositories and secrets.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version