
Bitwarden CLI npm package compromised to steal developer credentials

Why This Matters

The compromise of the Bitwarden CLI npm package highlights the ongoing risks in software supply chains, emphasizing the importance of vigilant security practices for developers and organizations. Although end-user vault data remained secure, the incident underscores the need for robust safeguards against malicious code injections that can threaten developer credentials and cloud infrastructure. This event serves as a reminder for the tech industry to strengthen supply chain security measures to prevent similar attacks.

Key Takeaways

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

According to reports by Socket, JFrog, and OX Security, the malicious package was distributed as version 2026.4.0 and remained available between 5:57 PM and 7:30 PM ET on April 22, 2026, before being removed.

Bitwarden confirmed the incident, stating that the breach affected only the npm distribution channel for the CLI package, and only users who downloaded the malicious version.

"The investigation found no evidence that end user vault data was accessed or at risk, or that production data or production systems were compromised. Once the issue was detected, compromised access was revoked, the malicious npm release was deprecated, and remediation steps were initiated immediately," Bitwarden shared in a statement.

"The issue affected the npm distribution mechanism for the CLI during that limited window, not the integrity of the legitimate Bitwarden CLI codebase or stored vault data."

Bitwarden says it revoked the compromised access and deprecated the affected CLI npm release.

The Bitwarden supply chain attack

According to Socket, threat actors appear to have used a compromised GitHub Action in Bitwarden's CI/CD pipeline to inject malicious code into the CLI npm package.

According to JFrog, the package was modified so that the preinstall script and the CLI entry point both run through a custom loader named bw_setup.js, which checks for the Bun runtime and, if it is not present, downloads it.

The loader then uses the Bun runtime to launch an obfuscated JavaScript file named bw1.js, which acts as credential-stealing malware.
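The traits JFrog describes (a lifecycle install hook and a bin entry point routed through an install-time loader that bootstraps another runtime) are exactly what a defender can check for before trusting a package that has just landed in a lockfile. The following is an added example, not code from the article or from Bitwarden: it audits an npm package manifest for install-time hooks and loader-like indicators, and scans a package-lock.json `packages` map for the known-bad version named in the reporting. The two manifests and the lockfile are constructed to mimic the shape described; the file paths and the "clean" version string are placeholders, not the real package contents.

```javascript
// Added example (not from the article or from Bitwarden). Audits an npm
// manifest and lockfile for the supply-chain traits described in the reporting.

// Version the article reports as malicious; extend as advisories are published.
const KNOWN_BAD = { "@bitwarden/cli": new Set(["2026.4.0"]) };

// Lifecycle hooks that npm runs automatically during `npm install`.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Indicators taken from the reporting: a custom loader file, a secondary
// runtime being bootstrapped, and network fetches at install time.
const SUSPICIOUS_PATTERNS = [
  ["custom loader named in the reporting", /bw_setup\.js/],
  ["bun runtime referenced", /\bbun\b/i],
  ["network fetch at install time", /\b(curl|wget)\b|https?:\/\//i],
];

// Returns an array of human-readable findings for one package.json object.
function auditManifest(manifest) {
  const findings = [];
  const bad = KNOWN_BAD[manifest.name];
  if (bad && bad.has(manifest.version)) {
    findings.push(`known-bad version ${manifest.name}@${manifest.version}`);
  }
  // Any install-time hook deserves review; matching indicators are called out separately.
  const scripts = manifest.scripts || {};
  for (const hook of INSTALL_HOOKS) {
    if (!(hook in scripts)) continue;
    const cmd = String(scripts[hook]);
    findings.push(`install-time hook "${hook}": ${cmd}`);
    for (const [label, re] of SUSPICIOUS_PATTERNS) {
      if (re.test(cmd)) findings.push(`hook "${hook}": ${label}`);
    }
  }
  // The CLI entry point: npm accepts either a string or a {command: path} map.
  const bin =
    typeof manifest.bin === "string" ? { [manifest.name]: manifest.bin } : manifest.bin || {};
  for (const [command, target] of Object.entries(bin)) {
    for (const [label, re] of SUSPICIOUS_PATTERNS) {
      if (re.test(String(target))) findings.push(`bin "${command}" -> ${target}: ${label}`);
    }
  }
  return findings;
}

// Scans a lockfileVersion 2/3 package-lock.json object. Keys look like
// "node_modules/foo" or "node_modules/foo/node_modules/bar"; the package
// name is whatever follows the last "node_modules/".
function auditLockfile(lock) {
  const hits = [];
  for (const [key, entry] of Object.entries(lock.packages || {})) {
    if (key === "") continue; // root project entry
    const marker = "node_modules/";
    const name = key.slice(key.lastIndexOf(marker) + marker.length);
    const bad = KNOWN_BAD[name];
    if (bad && bad.has(entry.version)) hits.push({ name, version: entry.version, path: key });
  }
  return hits;
}

// Constructed sample inputs (placeholders, not real package contents).
const CLEAN_MANIFEST = {
  name: "@bitwarden/cli",
  version: "0.0.0-example", // placeholder for a legitimate release
  bin: { bw: "./build/bw.js" },
  scripts: { test: "jest" },
};

const SUSPECT_MANIFEST = {
  name: "@bitwarden/cli",
  version: "2026.4.0",
  bin: { bw: "./bw_setup.js" }, // entry point routed through the loader
  scripts: { preinstall: "node bw_setup.js" }, // install-time hook into the loader
};

const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", version: "1.0.0" },
    "node_modules/@bitwarden/cli": { version: "2026.4.0" },
    "node_modules/example-dep": { version: "1.0.0" },
  },
};

for (const m of [CLEAN_MANIFEST, SUSPECT_MANIFEST]) {
  console.log(`${m.name}@${m.version}:`, auditManifest(m));
}
console.log("lockfile hits:", auditLockfile(SAMPLE_LOCK));
```

The check is deliberately noisy about install hooks: the article's attack worked because npm ran a preinstall script automatically, so any hook in a freshly updated dependency is worth a look, and installing with `npm install --ignore-scripts` in CI removes that execution path entirely until the package has been reviewed.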
