Attackers had compromised Passwordstate's software update with the objective of stealing customer passwords, and the company, Click Studios, has warned customers to reset their passwords.

Click Studios did not say how the attackers compromised the password manager’s update feature, but emailed customers with a security fix.

The company also said the attacker’s servers were taken down on April 22. But Passwordstate users could still be at risk if the attacker’s are able to get their infrastructure online again.

[techcrunch.com...]