Password managers vulnerable: 40 million users at risk of stolen data

Security researchers have discovered a common vulnerability in 11 popular password manager services, affecting an estimated 40 million users worldwide. The vulnerability, known as clickjacking, allows hackers to trick users into inadvertently activating their password manager and exposing their login credentials and other sensitive data. The affected password managers include 1Password, Bitwarden, Dashlane, Enpass, iCloud Passwords, Keeper, LastPass, LogMeOnce, NordPass, ProtonPass, and RoboForm.

The vulnerability stems from a flaw in the Document Object Model (DOM) that these password managers' browser extensions use. Hackers can create fake websites that look legitimate, but contain invisible clickable elements that activate the password manager. This allows the hackers to intercept and steal the entered passwords, as well as other personal information like credit card details.

While some providers like Bitwarden have issued patches, many others have yet to address the vulnerability. Users are advised to avoid clicking on unknown links, turn off auto-fill settings, and manually access websites instead of relying on password manager auto-complete features. Caution is strongly recommended until all affected services have fully resolved this critical security flaw.