💥 Check out this awesome post from Hacker News 📖
📂 **Category**:
💡 **What You’ll Learn**:
Socket researchers discovered that the Bitwarden CLI was compromised as part of the ongoing Checkmarx supply chain campaign. The affected package version appears to be @bitwarden/cli2026.4.0, and the malicious code was published in bw1.js, a file included in the package contents. The attack appears to have leveraged a compromised GitHub Action in Bitwarden’s CI/CD pipeline, consistent with the pattern seen across other affected repositories in this campaign.
What we know so far:
- Bitwarden CLI builds were affected
- The compromise follows the same GitHub Actions supply chain vector identified in the broader Checkmarx campaign
This is an ongoing investigation. Socket’s security research team is conducting a full technical analysis and will publish detailed findings, including affected versions, indicators of compromise, and remediation guidance.
If you use Bitwarden CLI, we recommend reviewing your CI logs and rotating any secrets that may have been exposed to the compromised workflow.
💬 **What’s your take?**
Share your thoughts in the comments below!
#️⃣ **#Bitwarden #CLI #Compromised #Ongoing #Checkmarx #Supply #Chain**
🕒 **Posted on**: 1776957343
🌟 **Want more?** Click here for more info! 🌟
