MetaMask, Phantom warn of flaw that could steal your crypto wallets
The Demonic vulnerability is tracked as CVE-2022-32969 and is caused by how web browsers save contents of non-password input fields to the disk as part of their standard “restore session” system.