LastPass had a flaw that potentially exposed the most-recently-used password to subsequent web sites. It was mitigated and updates pushed out to users prior to disclosure.
More than anything, this points out the value of defense-in-depth.
