An attack on server API used by a popular password manager. The exploit tricks the password manager server to disclose your encryption key. It arises from an interaction between a trusted extension user interface with web applications.

SamuraiSafe never uploads your private key anywhere. It has no centralised server functionality.