Cicd-Compromise | GRID THE GREY

LIVE THREATS

CRITICAL Paloalto's Zealot successfully attacks misconfigured cloud environments // HIGH Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign // HIGH Bad Memories Still Haunt AI Agents // CRITICAL ChatGPT's code runtime silently exfiltrates user data via malicious prompt // HIGH Claude's Mythos rival: Chinese Cybersecurity Firm claims finding 1000 vulnerabilities // CRITICAL Vertex AI agents can be weaponized to steal GCP service credentials // CRITICAL Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them? // HIGH AI-powered defense for an AI-accelerated threat landscape // HIGH SentinelOne's AI-powered EDR autonomously claims blocking a Claude Zero Day Supply Chain … // CRITICAL Critical OpenClaw flaw lets low-privilege attackers silently seize full admin control //

1 report

All LLM Security Agentic AI Industry News Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

ATLAS OWASP HIGH The Hacker News Apr 24, 2026 ▲ 6.5

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

A compromised version of the Bitwarden CLI npm package was found stealing developer secrets, including configurations for AI coding tools such as Claude, Kiro, Cursor, Codex CLI, and Aider, as part of …

AML.T0010 - ML Supply Chain Compromise AML.T0057 - LLM Data Leakage AML.T0012 - Valid Accounts