Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ...
Bitwarden CLI npm package got compromised today, looks like part of the ongoing Checkmarx supply chain attack If you’re using @bitwarden/cli version 2026.4.0, you might want to check your setup From what researchers found: - malicious file added (bw1.js) - steals creds from GitHub, npm, AWS, Azu
ORIGINAL SOURCE →via Reddit r/netsec
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · conflict
- [CONFLICT] Intermodal Asia
- [CONFLICT] [Comment] Antibody-based malaria prevention in an intense perennial transmission setting
- [CONFLICT] [World Report] New Government aims to revitalise health in Hungary
- [CONFLICT] [Perspectives] Caring for the caregivers
- [CONFLICT] [Correspondence] Systematic health destruction in Iran by Operation Epic Fury
- [CONFLICT] [Correspondence] Microbiological governance and the Lancet Commission on Ukraine