After multiple attempts at logic to solve this, I circled back to “maybe it’s just something in the saved passwords that’s causing the issue.” It turns out, it was.
I deleted all passwords, and slowly uploaded 50 at a time, instead of the whole .csv file. I eventually isolated it to one password.
The problematic record, attached, was for a specific subdomain on .PlanetFitness.com. I don’t have a membership there anymore, so I deleted the record. (I also observe on the PF website, the member info is no longer available on that subdomain, but instead thru www.planetfitness.com/my-account/profile. )
I’m guessing that subdomain is either flagged at MalwareBytes, or it’s compromised but identified by simply loading the Password Manager which possibly does a quick online check of all domains referenced in the Password Manager upon each opening? I don’t know, but it’s fixed now. And apparently nothing glitch-y about Brave at all.
Thank you for your helpful suggestions.
