SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
DataBreachToday

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...
Security Boulevard

Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign

The compromise of a version of Bitwarden's CLI is connected to the ongoing Checkmarx supply chain campaign, but differences in the operational methods of both incidents are making it difficult to ...

Vercel Breach Explained: AI Tool Compromise Triggers Data Exposure Fears, Users Urged to Rotate Keys & Enable MFA

Vercel has confirmed a security breach linked to a compromised third-party AI tool, exposing some environment variables and ...

Vercel security breach explained: How a third-party AI tool exposed internal systems and what it means for developers

Vercel confirmed a security incident involving unauthorized access to internal systems, stemming from a compromised ...
Cybernews

Bitwarden CLI compromised in supply chain attack: hundreds of developers have installed malware

Hackers injected credential-stealing malware into the Bitwarden CLI tool via a supply chain attack on the NPM package, ...
Arabian Post on MSN

Bitwarden breach exposes developer supply chains

Bitwarden’s command-line interface package was briefly poisoned through npm after attackers abused a GitHub Actions workflow in its software release pipeline, turning a trusted password-management ...

Etherpad 2.7.0: Collaborative web editor without cloud dependency

Etherpad is a self-hostable web editor written in Node.js for real-time collaborative writing – functionally comparable to ...