developer credentials
Coverage of developer credentials in the Nexus archive.
- Bitwarden CLI npm package compromised to steal developer credentials
The Bitwarden CLI was compromised when attackers uploaded a malicious @bitwarden/cli package to npm, containing a credential-stealing payload designed to spread to other projects. The incident highlights vulnerabilities in package registries and the risks of supply chain attacks.
- New npm supply-chain attack self-spreads to steal auth tokens
A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and self-spreading by publishing malicious packages from compromised accounts. The attack exploits the npm package distribution system to propagate and exfiltrate authentication tokens.
- Indonesia’s game rating system paused amid claims it leaked developer creds and glimpses of major new titles
Indonesia’s Ministry of Communication and Digital Affairs has suspended the country’s game rating system (IGRS) following allegations that it leaked developer credentials and unreleased game footage. The move comes amid broader tech-related updates, including a robot winning a Beijing half-marathon and AI-generated manga speech bubbles.