New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
Security Boulevard

Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign

The compromise of a version of Bitwarden's CLI is connected to the ongoing Checkmarx supply chain campaign, but differences in the operational methods of both incidents are making it difficult to ...
CSO Online

Bitwarden CLI password manager trojanized in supply chain attack

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Password safe Bitwarden: Command-line client trojanized

The Bitwarden security team confirms that a malicious version of the command-line client was briefly distributed.