The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
The Bitwarden security team confirms that a malicious version of the command-line client was briefly distributed.
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...
Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...
Microsoft's Azure strategy focuses on flexible models and long-term client partnerships and that's the playbook it seeks to ...
NomShub, a vulnerability chain in Cursor AI, allowed attackers to achieve persistent access to systems via indirect prompt ...
Anthropic is known for its industry-leading Claude Code that writes programs, but why stop there? The company, on Friday, ...
Two newly discovered macOS threats are designed to harvest developer credentials and cloud access as attackers focus on ...
Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...
The open-source Git project has released Git 2.54, the latest version of the widely used distributed version control system for tracking changes in software projects.
Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results