A mysterious threat actor has compromised the update mechanism of enterprise password manager application Passwordstate and deployed malware on its users' devices, most of which are enterprise customers.
This is hardly relevant. The event happened in 2021 and the vendor identified and took action within 28hrs. They have subsequently made major improvements to their software, including removing the previous method of updating. The issue affected Build 9117 and they are now on release 9823. I have to question the reasoning on reporting news that is over 2 years old and has been resolved promptly by the vendor.