Password manager Dashlane disclosed that attackers compromised some customer accounts by brute-forcing its two-factor authentication system, gaining access to encrypted password vaults.
Dashlane, one of the largest password management services, confirmed hackers successfully bypassed its 2FA security layer through brute-force attacks. The breach allowed unauthorized access to customer accounts and the ability to download password vaults stored within the platform.
The company did not specify how many customers were affected or provide additional technical details about the attack method. Password managers store sensitive login credentials for users, making them high-value targets for cybercriminals.
The incident raises questions about the effectiveness of Dashlane's two-factor authentication implementation. Users relying on the service for credential storage face potential exposure if their master passwords were weak or previously compromised on other platforms.
Dashlane has not yet announced specific remediation steps or whether customer notifications are underway. The breach underscores ongoing security challenges even among dedicated password management providers.
Threat actors are deploying an AI-powered ransomware toolkit that automates Active Directory discovery and circumvents endpoint detection and response solutions. The advancement marks a significant escalation in ransomware attack sophistication.
Palo Alto Networks raised its adjusted earnings forecast, citing strong demand for security services as AI-related threats escalate concerns among enterprises and governments.
A Grand Theft Auto V cheat service suffered a security breach, with hackers stealing usernames, hashed passwords, and user data from thousands of gamers.
Google is rolling out a new security feature that alerts Android users when incoming calls may be impersonating contacts in their phone. The warning system aims to combat scam calls that spoof known numbers.