VERY IMPORTANT

LastPass has alerted customers about a phishing campaign exploiting their brand. The scam emails, with subjects like 'We Have Been Hacked,' aim to create urgency and trick recipients into clicking malicious links. These links direct to fake sites hosted at domains like lastpassdesktop.com. LastPass is working to take down these domains and Cloudflare has added warning pages. Similar phishing attempts have targeted other password managers like 1Password. These campaigns seek to steal credentials and secret keys, potentially granting access to users' password vaults. LastPass emphasizes that it has not been hacked and is actively combating this phishing threat.