Security researchers are warning that old Bitcoin addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic flaw. The vulnerability resides in the use of the SecureRandom() function for generating a random Bitcoin address and its adjacent private key (equivalent of a password) The problem is that this function doesn’t actually generate true random data. Users who generated Bitcoin addresses using affected tools are advised to generate new Bitcoin addresses with a new tool and move funds from old accounts to the new ones.
Source: https://www.bleepingcomputer.com/news/security/old-javascript-crypto-flaw-puts-bitcoin-funds-at-risk/