Two security reports that have been disclosed to LastPass have been resolved. One report was disclosed yesterday, while the other report was responsibly reported and fixed over a year ago. Both exploits do require tricking a user via a phishing attack into going to a malicious website. LastPass strongly recommends the following general best practices for online security: Do not click on links from people you dont know, or that seem out of character from your trusted contacts and companies. Use a different, unique password for every online account.”]
Source: https://blog.lastpass.com/2016/07/lastpass-security-updates/