RSS Bot@lemmy.bestiver.seMB to Hacker News@lemmy.bestiver.seEnglish · 1 month ago

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

1

cross-posted to:
security@lemmy.ml

15

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

RSS Bot@lemmy.bestiver.seMB to Hacker News@lemmy.bestiver.seEnglish · 1 month ago

1

cross-posted to:
security@lemmy.ml

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ...

Bitwarden CLI 2026.4.0 was compromised in the Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.

You must log in or # to comment.

Chat

wheezy@lemmy.ml
link
fedilink
English
arrow-up
5·
1 month ago
Just the CLI version and for a few unlucky people that actually downloaded the malicious update via npm before removed.

Sucks. But seems to have been caught quickly.

Hacker News@lemmy.bestiver.se

hackernews@lemmy.bestiver.se

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !hackernews@lemmy.bestiver.se

Community locked: only moderators can create posts. You can still comment on posts.

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

Source of the RSS Bot

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

435 users / day
1.93K users / week
4.32K users / month
9.91K users / 6 months
2 local subscribers
4.95K subscribers
24.9K Posts
17.5K Comments
Modlog