There are already enough people using password managers that they’re a target.

If they were as easy targets as you imply, then they’d already be exploited.

The fact they’re not demonstrates that’s reused passwords is lower hanging fruit.