SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
DataBreachToday

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

Vercel Breach Explained: AI Tool Compromise Triggers Data Exposure Fears, Users Urged to Rotate Keys & Enable MFA

Vercel has confirmed a security breach linked to a compromised third-party AI tool, exposing some environment variables and ...

Vercel security breach explained: How a third-party AI tool exposed internal systems and what it means for developers

Vercel confirmed a security incident involving unauthorized access to internal systems, stemming from a compromised ...
Cybernews

Bitwarden CLI compromised in supply chain attack: hundreds of developers have installed malware

Hackers injected credential-stealing malware into the Bitwarden CLI tool via a supply chain attack on the NPM package, ...
Arabian Post on MSN

Bitwarden breach exposes developer supply chains

Bitwarden’s command-line interface package was briefly poisoned through npm after attackers abused a GitHub Actions workflow in its software release pipeline, turning a trusted password-management ...

Etherpad 2.7.0: Collaborative web editor without cloud dependency

Etherpad is a self-hostable web editor written in Node.js for real-time collaborative writing – functionally comparable to ...