Has Norton done anything since their password manager was breached in January 2023 to combat that?

Yes, they have introduced the reCAPTCHA step to prevent automated attacks like the credential stuffing attack that you are referencing.  Password Manager was not breached.  Some accounts were accessed because people used the same password on other websites that they used for their Norton account.  Those websites were breached and the bad guys then tried using those credentials to access accounts on other sites, like Norton.  There's not much Norton can do about that except make it more difficult to automate the attack, which they have done.  It is totally up to users to use different passwords for every account they have.