A group of researchers discovered marketing companies are exploiting an 11-year-old vulnerability in browsers built-in password managers to track visitors. The gathered data allow them to target advertising across different browsers and devices. The same flaw could be exploited by threat actors to steal saved login credential from browsers without requiring users interaction. The researchers have found third-party tracking scripts on these websites that inject invisible login forms in the background of the webpage, the password managers are tricked into auto-filling the form using these data.”]
Source: http://securityaffairs.co/wordpress/67363/hacking/password-managers-web-trackers.html

