ONE Sentinel

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Source: The Hacker News
April 23, 2026

EXECUTIVE SUMMARY

Bitwarden CLI Compromised in Checkmarx Supply Chain Attack

Summary

The Bitwarden CLI has been compromised as part of a supply chain attack orchestrated by Checkmarx. This incident was discovered by JFrog and Socket, highlighting vulnerabilities in the software supply chain.

Key Points

  • The compromised package is identified as @bitwarden/[email protected].
  • Malicious code was found in the 'bw1.js' file within the package.
  • The attack is part of an ongoing supply chain campaign by Checkmarx.
  • JFrog and Socket are the companies that discovered this compromise.

Analysis

This compromise of the Bitwarden CLI underscores the critical vulnerabilities present in software supply chains. The inclusion of malicious code in a widely used package can have significant security implications for organizations relying on this tool. The ongoing nature of the Checkmarx campaign suggests a persistent threat that could affect other components in the supply chain.

Conclusion

IT professionals should immediately verify the integrity of their Bitwarden CLI installations and consider rolling back to a previous version if using the affected package. Continuous monitoring and auditing of software dependencies are recommended to mitigate similar risks in the future.
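One way to act on the verification advice above: scan local and global `node_modules` trees for installed copies of `@bitwarden/cli`, report each copy's version, and flag the `bw1.js` file the report names. This is an added example, not code from the page or from Bitwarden, JFrog or Socket; the affected version string is not given on this page, so `AFFECTED_VERSIONS` is a placeholder to fill in from the advisory, and the sample installs built by `demo()` are constructed.

```python
import json
import os
import tempfile
from pathlib import Path

PACKAGE_PARTS = ("@bitwarden", "cli")
SUSPICIOUS_FILES = {"bw1.js"}          # file the report names as carrying the malicious code
# Placeholder: the affected version is not stated on this page; fill in from the advisory.
AFFECTED_VERSIONS = {"0.0.0-AFFECTED-PLACEHOLDER"}

def find_package_dirs(root):
    """Yield every node_modules/@bitwarden/cli directory under root (project or global installs)."""
    for dirpath, _, _ in os.walk(root):
        if os.path.basename(dirpath) == "node_modules":
            candidate = Path(dirpath, *PACKAGE_PARTS)
            if (candidate / "package.json").is_file():
                yield candidate

def inspect_package(pkg_dir, affected_versions=AFFECTED_VERSIONS):
    """Describe one installed copy: version, suspicious files present, and an overall verdict."""
    meta = json.loads((pkg_dir / "package.json").read_text())
    names = {p.name for p in pkg_dir.rglob("*") if p.is_file()}
    hits = sorted(names & SUSPICIOUS_FILES)
    return {
        "path": str(pkg_dir),
        "version": meta.get("version"),
        "suspicious_files": hits,
        "affected": bool(hits) or meta.get("version") in affected_versions,
    }

def scan(root, affected_versions=AFFECTED_VERSIONS):
    """Scan a directory tree and return one record per installed copy of the package."""
    return [inspect_package(d, affected_versions) for d in find_package_dirs(root)]

def _write_copy(base, version, extra_files=()):
    """Constructed sample: lay out a minimal @bitwarden/cli install for the demo."""
    pkg = Path(base, "node_modules", *PACKAGE_PARTS)
    pkg.mkdir(parents=True)
    (pkg / "package.json").write_text(json.dumps({"name": "@bitwarden/cli", "version": version}))
    (pkg / "build").mkdir()
    (pkg / "build" / "bw.js").write_text("// legitimate entry point (constructed)\n")
    for name in extra_files:
        (pkg / "build" / name).write_text("// constructed stand-in, not the real payload\n")

def demo():
    """Build one clean and one tainted install in a temp dir; return scan results keyed by project."""
    base = tempfile.mkdtemp(prefix="bw-scan-")
    _write_copy(Path(base, "clean-project"), "1.0.0")          # constructed version
    _write_copy(Path(base, "tainted-project"), "0.0.0-AFFECTED-PLACEHOLDER", extra_files=["bw1.js"])
    return {Path(r["path"]).parts[-4]: r for r in scan(base)}

if __name__ == "__main__":
    for project, rec in demo().items():
        print(project, rec["version"], "AFFECTED" if rec["affected"] else "clean", rec["suspicious_files"])
```

Point `scan()` at a project root or at the global prefix from `npm root -g` to check real installs; a flagged copy should be removed and reinstalled from a known-good version, then the lockfile integrity hashes compared against the registry.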