Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack

Password manager utility KeePass has had to defend its reputation following the discovery of a potential vulnerability that could expose users’ secret data. However, the company states the issue only arises if an attacker already controls a compromised account. Additionally, OpenSSL project has released patches to address a variety of vulnerabilities, including a high-impact flaw. In related news, a system administrator on Reddit was victim of a phishing attack, gaining the attackers access to some internal documents and code.