Bitwarden CLI compromised in ongoing Checkmarx supply chain campaign

nozzlegear 16 hours ago|

Another day, another supply chain attack involving GitHub Actions.

adityamwagh 16 hours ago||

GitHub was down too! Its uptime has been so bad recently.

righthand 16 hours ago||

It’s the new Npm

saghm 5 hours ago|||

This one also involved npm to be fair

palata 16 hours ago||||

Don't GitHub Actions actually use npm?

dnnddidiej 11 hours ago|||

The new Windows 98

fnoef 16 hours ago||

I mean, what's the future now? Everyone just vibecoding their own private tools that no "foreign government" has access to? It honestly feels like everything is slowly starting to collapse.

Also didn't Microsoft (the owner of GitHub) got access to Claude Mythos in order to "seCuRe cRitiCal SoftWaRe InfRasTructUre FoR teh AI eRa"? Hows securing GitHub Action going for them?

nh43215rgb 5 hours ago||

> THE MOST TRUSTED PASSWORD MANAGER

> Defend against hackers and data breaches

> Fix at-risk passwords and stay safe online with Bitwarden, the best password manager for securely managing and sharing sensitive information.

yep. literally from their website this moment..and the link to their "statement"[0] is nowhere on the front page.

Oh wait, there is a top banner..."Take insights to action: Bitwarden Access Intelligence now available Learn more >" nope.

[0]: https://community.bitwarden.com/t/bitwarden-statement-on-che...

righthand 14 hours ago||

Dont write clis in Javascript.

fraywing 16 hours ago||

Can we please get a break?

Praying to the security gods.

It seems like we've have non-stop supply chain attacks for months now?

dgellow 15 hours ago|

Expect to continue for years to come

ripped_britches 15 hours ago||

This is the break right now, we will smile back on these times

dnnddidiej 11 hours ago||

Stock up on pencils and paper guys.

stephenlf 13 hours ago||

Crap. I use that CLI.

max2026 3 hours ago||

[dead]

jeremie_strand 13 hours ago||

[dead]

Ms-J 7 hours ago||

[dead]

asxndu 16 hours ago|

[dead]