Vulnerabilities in Password Managers allow Attackers to view and change passwords

A team of security researchers discovered a set of vulnerabilities in four popular cloud-based password managers that would allow attackers to view and change passwords stored in victim's vaults.

Twenty-seven attack scenarios recently published targeting password manager services from Bitwarden, LastPass, Dashlane, and 1Password.
The attacks ranged from integrity violations to the complete compromise of ALL vaults in an organization.
The published paper here.