The Google hacker Tavis Ormandy discovered a third flaw in LastPass password manager in a few weeks, the expert provided a few details about the issue. The company quickly started fixing the issue but the popular hackers announced the discovery of new bugs while completing its tests. The vulnerability could be exploited by attackers to steal user passcodes by simply tricking victims into visiting a specifically crafted malicious website, the flaw also allows hackers in some cases to execute malicious code on computers running the program. LastPass confirmed that they are already working on a fix, as temporary mitigation they suggest users to enter stored passwords into websites using the LastPass vault.”]
Source: http://securityaffairs.co/wordpress/57504/hacking/lastpass-flaw.html