Supply Chain | Apr 23, 2026

‼️ Bitwarden Statement on Checkmarx Supply Chain Incident: "The Bitwarden security team identifi...

Bitwarden CLI malicious npm package distributed for 93 minutes on April 22, 2026.

Summary

Bitwarden's security team detected and contained a malicious package injected into the @bitwarden/cli npm repository (version 2026.4.0) that was live for approximately 93 minutes on April 22, 2026. The incident appears linked to a Checkmarx supply chain compromise. Bitwarden has advised users to upgrade to patched versions and rotate any credentials that may have been exposed.

Indicators of Compromise

  • malware — @bitwarden/cli@2026.4.0
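
One way to check a project for the indicator above, as an added example that is not Bitwarden's or this feed's own code: it scans a parsed package-lock.json for the listed version, covering both the flat `packages` map of lockfileVersion 2/3 and the nested `dependencies` tree of lockfileVersion 1. The sample lockfiles, the version string `0.0.0-constructed` and the names `demo-app`, `example-dep` and `deploy-tools` are constructed for illustration.

```javascript
// Indicator taken from the advisory above.
const IOC = { name: "@bitwarden/cli", version: "2026.4.0" };

// Returns every location in a parsed package-lock.json that pins the IoC.
function findCompromised(lock, ioc = IOC) {
  const hits = [];
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  // An aliased install carries the real package name in meta.name.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = meta.name || path.split("node_modules/").pop();
    if (name === ioc.name && meta.version === ioc.version) hits.push(path);
  }
  // lockfileVersion 1: nested "dependencies" tree, walked recursively
  // so transitive copies are reported with the chain that pulled them in.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = `${trail}>${name}`;
      if (name === ioc.name && meta.version === ioc.version) hits.push(here);
      walk(meta.dependencies, here);
    }
  };
  walk(lock.dependencies, "root");
  return hits;
}

// Constructed sample lockfiles (not real project data).
const sampleV3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/@bitwarden/cli": { version: "2026.4.0" },
    "node_modules/example-dep": { version: "1.0.0" },
  },
};
const sampleV1 = {
  lockfileVersion: 1,
  dependencies: {
    "deploy-tools": {
      version: "0.1.0",
      dependencies: { "@bitwarden/cli": { version: "2026.4.0" } },
    },
  },
};
const sampleClean = {
  lockfileVersion: 3,
  packages: { "node_modules/@bitwarden/cli": { version: "0.0.0-constructed" } },
};

for (const s of [sampleV3, sampleV1, sampleClean]) console.log(findCompromised(s));
```

To use it on a real project, pass the result of `JSON.parse` on the contents of `package-lock.json`. A global install does not appear in a project lockfile; `npm ls -g @bitwarden/cli` shows the globally installed version.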

Entities

  • Bitwarden CLI (product)
  • Bitwarden (vendor)
  • Checkmarx (vendor)
  • npm (technology)
  • Checkmarx Supply Chain Incident (campaign)