GitGuardian analysis of the @bitwarden/cli compromise: GitHub used as C2, new Cloudflare exfiltration domain found, linked to April 22 Checkmarx KICS compromise via Dependabot.

The post @bitwarden/cli – GitGuardian Views on helloworm00 appeared first on Security Boulevard.

Guillaume Valadon

Source: Security Boulevard
Source Link: https://securityboulevard.com/2026/04/bitwarden-cli-gitguardian-views-on-helloworm00/