Skip to content
The Nexus
DossierENTITY

Bitwarden CLI

Coverage of Bitwarden CLI in the Nexus archive.

Earliest in view: Apr 23 · 13:42 UTCMost recent: Apr 23 · 19:21 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYApr 23 · 19:21 UTCBLEEPING COMPUTER
    Bitwarden CLI npm package compromised to steal developer credentials

    The Bitwarden CLI was compromised when attackers uploaded a malicious @bitwarden/cli package to npm, containing a credential-stealing payload designed to spread to other projects. The incident highlights vulnerabilities in package registries and the risks of supply chain attacks.

  • SECURITYApr 23 · 14:17 UTCHACKER NEWS
    Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

    Bitwarden CLI was compromised in an ongoing supply chain campaign attributed to Checkmarx. The incident highlights vulnerabilities in software distribution channels, with the compromised CLI tool potentially exposing users to malicious activity.

  • SECURITYApr 23 · 13:42 UTCTHE HACKER NEWS
    Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

    Bitwarden CLI version 2026.4.0 was compromised in the Checkmarx supply chain campaign, with malicious code found in 'bw1.js'. Socket identified the attack, which leveraged a supply chain vulnerability.

Bitwarden CLI · Dossier · The Nexus