LIVE FEED
Bitwarden CLI npm Package Supply Chain Attack Steals Secrets

Bitwarden CLI npm Package Supply Chain Attack Steals Secrets

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 6.5 The Hacker News

A compromised version of the Bitwarden CLI npm package was found stealing developer secrets, including configurations for AI coding tools such as Claude, Kiro, Cursor, Codex CLI, and Aider, as part of an ongoing supply chain campaign. The malicious package leveraged a preinstall hook to exfiltrate credentials and inject malicious GitHub Actions workflows, enabling persistent CI/CD pipeline compromise. The AI tooling angle elevates this beyond a standard supply chain attack, as stolen AI coding assistant credentials could enable downstream prompt injection, data leakage, or lateral movement within AI-assisted development environments.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.