See the article at
Fascinating discussion about the malware Keefarce that targets KeePass password manager. Keefarce uses DLL injection to "... call an existing KeePass export method to copy the contents of a currently open database to a CSV file. The resulting file contains user names, passwords, notes, and URLs all in clear text." The bottom line is that if one's computer is compromised, all bets are off as to whether the password manager one is using is secure. (True??) Note that malware similar to Keefarce could probably be written for other password managers. So KeePass is not alone with this vulnerability?
Big question: Should we be concerned with this vulnerability?
Another question: I currently store my passwords on paper. My laptop never leaves my home so I consider this reasonably secure. Any reason I should use a password manager?