Cybercriminals are starting to target password managers to gain access to important digital accounts. A recent report, Picus Security’s Red Report 2025 revealed there have been three attacks in the last year and that 25% of malware now targets credentials in password managers, a three-fold increase from last year. This finding comes from an analysis of over one million malware variants. Dr Suleyman Ozarslan, co-founder and VP of Picus Labs, notes that attackers use advanced techniques like memory scraping and registry harvesting to compromise local and cloud-based password stores.

But don’t throw out your password manager yet.  They are still a lot more secure than not. The article goes on to say “it is pivotal people use password managers together with multi-factor authentication (MFA). Furthermore, they should never reuse a password, especially for their password manager.”