Bitwarden CLI Faces Security Breach in Checkmarx Campaign

The Bitwarden CLI has been compromised as part of an ongoing supply chain attack linked to Checkmarx, as reported by JFrog and Socket. The malicious code was identified in the package version @bitwarden/cli@2026.4.0, specifically in a file named 'bw1.js'. This breach highlights the risks associated with software supply chains, where attackers exploit vulnerabilities to distribute harmful code within legitimate applications. Users of the affected Bitwarden CLI version are advised to monitor their systems and update to a secure version to mitigate risks. Such incidents underscore the importance of maintaining robust cybersecurity measures and being vigilant during software installations.
Original reporting by The Hacker News. We only summarise, never republish.