The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

Two phishing campaigns, each using a different stealthy infection technique, are targeting organizations in attacks which aim ...

The compromise of a version of Bitwarden's CLI is connected to the ongoing Checkmarx supply chain campaign, but differences in the operational methods of both incidents are making it difficult to ...

ESET Research has uncovered a new China-aligned APT group, which has been named GopherWhisper, that targets governmental institutions in Mongolia.GopherWhisper leverages Discord, Slack, Microsoft 365 ...

Fusion Studio adds Krokodove effects, OGraf and Lottie support, USD updates, deep image tools, and Windows ARM64 support.

A U.S.-backed project in South Africa aims to extract rare earth minerals from industrial waste as part of a Trump ...

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.

The Bitwarden security team confirms that a malicious version of the command-line client was briefly distributed.