Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from Socket.
"The affected package version appears to be @bitwarden/[email protected], and the malicious code was published in 'bw1.js,' a file included in the package contents," the application security company said.
"The attack appears to have leveraged a



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html