Npm Repository Coder Coder

Bitwarden CLI compromised in supply chain attack: hundreds of developers have installed malware

Hackers injected credential-stealing malware into the Bitwarden CLI tool via a supply chain attack on the NPM package, ...

Threat Post

Malicious npm Code Packages Built for Hijacking Discord Servers

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm) code ...

The Hacker News

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...

Ars Technica

Malicious packages sneaked into NPM repository stole Discord tokens

"People downloading open source packages should take extra care in making sure the item they’re downloading is legitimate and not malware masquerading as something legitimate." Click to expand ...

DataBreachToday

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

Results that may be inaccessible to you are currently showing.

Hide inaccessible results