Bitwarden CLI npm package compromised to steal developer credentials

Published on April 23, 2026

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects. [...]

Continue reading on website
Other news

Trigona ransomware attacks use custom exfiltration tool to steal data

April 23, 2026
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. [...]

Hackers exploit file upload bug in Breeze Cache WordPress plugin

April 23, 2026
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. [...]