A compromise of the popular Bitwarden password manager is linked to the ongoing Checkmarx supply chain campaign, with bad actor injecting malicious code in a version of its CLI. However, while there are some overlaps in such areas a tools that suggest TeamPCP was behind the attack, there are differences in operation that make attribution difficult.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/04/bitwarden-cli-compromise-linked-to-ongoing-checkmarx-supply-chain-campaign/
