Dossier
supply chain campaign
Coverage of supply chain campaign in the Nexus archive.
- Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI was compromised in an ongoing supply chain campaign attributed to Checkmarx. The incident highlights vulnerabilities in software distribution channels, with the compromised CLI tool potentially exposing users to malicious activity.
- Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI version 2026.4.0 was compromised in the Checkmarx supply chain campaign, with malicious code found in 'bw1.js'. Socket identified the attack, which leveraged a supply chain vulnerability.