Bitwarden CLI Is the Next Compromise In Checkmarx Supply Chain Campaign 3
Longtime Slashdot reader Himmy32 writes: Socket Security published an article on the compromise of the Bitwarden CLI client, which was pushed from Bitwarden's client repository. This breach was the next in a chain of supply-chain attacks that have affected Checkmarx KICS and Aqua Security's Trivy scanners.
The breach was quickly detected and reported by JFrog on the GitHub repository; JFrog also provided a technical write-up. The Bitwarden team has released statements on a blog post indicating that the compromise did not affect vault or customer data. Only 334 downloads of the affected CLI client were downloaded before removal and remediation.
The breach was quickly detected and reported by JFrog on the GitHub repository; JFrog also provided a technical write-up. The Bitwarden team has released statements on a blog post indicating that the compromise did not affect vault or customer data. Only 334 downloads of the affected CLI client were downloaded before removal and remediation.
"only 334" (Score:1)
So "only" 334 people/companies have had their data stolen through this exploit?
Somehow that doesn't that make me feel all that much better...
Re: (Score:3)
the compromise did not affect vault or customer data
from the article - "This targeting is unusually specific. In addition to standard developer secrets such as .npmrc and .git-credentials, the malware also hunts for AI tool configuration and MCP-related files, suggesting deliberate interest in environments where coding assistants or local automation tools may expose API keys or workflow secrets."