Vendor
critical
advisory
Compromised Bitwarden CLI npm Package Enables Credential Theft and Information Exfiltration
2 rules 2 TTPsA remote attacker can exploit a compromised Bitwarden CLI npm package to steal credentials and exfiltrate sensitive information.
Bitwarden CLI
supply-chain
credential-theft
exfiltration
npm
2r
2t
high
threat
Increased npm Supply Chain Attacks Targeting SAP Developers
2 rules 5 TTPs 3 IOCsThreat actors are compromising npm packages, including those targeting SAP developers, to steal credentials, embed themselves in CI/CD pipelines, and deploy multi-stage payloads using techniques like wormable propagation and covert C2 channels on GitHub.
@bitwarden/cli +6
TeamPCP
npm
supply-chain
credential-theft
github
2r
5t
3i