The company has patched a vulnerability that could allow malicious sites unauthorized access to usernames and passwords. LastPass said it fixed the bug in a blog post dated Sept. 13. A vulnerability researcher from Google Project Zero discovered the bug on Aug. 29. The vulnerability was limited to Chrome and Opera, but LastPass has since patched it, security experts said. Security experts recommend that Web users running LastPass ensure that the version of the software they re running is 4.33 or later.
Source: https://threatpost.com/lastpass-fixes-bug-that-leaks-credentials/148378/

