For 93 minutes, installing Bitwarden's "official" CLI turned laptops into launchpads for GitHub account takeover
Burns Brief
On Apr. 22, a malicious version of Bitwarden's command-line interface appeared on npm under the official package name @bitwarden/cli@2026.4.0. For 93 minutes, anyone who pulled the CLI through npm received a backdoored substitute for the legitimate tool. Bitwarden detected the compromise, removed the package, and issued a statement saying it found no evidence that attackers accessed end-user vault data or compromised production systems.

Security research firm JFrog analyzed the malicious payload and found it had no particular interest in Bitwarden vaults. It targeted GitHub tokens, npm tokens, SSH keys, shell history, AWS credentials, GCP credentials, Azure credentials, GitHub Actions secrets, and AI tooling configuration files. These are credentials that govern how teams build, deploy, and reach their infrastructure.

| Targeted secret / data type | Where it usually lives | Why it matters operationally |
| --- | --- | --- |
| GitHub tokens | Developer laptops, local config, CI environments | Can enable repo access, workflow abuse, secret listing, and lateral movement through automation |
| npm tokens | Local config, release environments | Can be used to publish malicious packages or alter release flows |
| SSH keys | Developer machines, build hosts | Can open access to servers, internal repos, and infrastructure |
| Shell history | Local machines | Can reveal pasted secrets, commands, internal hostnames, and workflow details |
| AWS credentials | Local config files, environment variables, CI secrets | Can expose cloud workloads, storage, and deployment systems |
| GCP credentials | Local config files, environment variables, CI secrets | Can expose cloud projects, services, and automation pipelines |
| Azure credentials | Local config files, environment variables, CI secrets | Can expose cloud infrastructure, identity systems, and deployment paths |
| GitHub Actions secrets | CI/CD environments | Can give access to automation, build outputs, deployments, and downstream secrets |
| AI tooling / config files | Project directories, local dev environments | Can expo |
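One way to check whether a project or host pulled the affected release, as an added example that is not from the article, Bitwarden or JFrog: it reads npm's lockfile layouts (v1 "dependencies" and v2/v3 "packages") and the installed package.json, matching the package name and version quoted above. The sample lockfile is constructed for the example.

```python
"""Defender check for the backdoored @bitwarden/cli release described above.
Name/version come from the article; lockfile layouts are npm v1 and v2/v3."""
import json
from pathlib import Path

AFFECTED_NAME = "@bitwarden/cli"
AFFECTED_VERSION = "2026.4.0"  # the release live on npm for 93 minutes

def is_affected(name: str, version: str) -> bool:
    """True when a resolved package is exactly the malicious release."""
    return name == AFFECTED_NAME and version == AFFECTED_VERSION

def scan_lockfile(lock: dict) -> list[str]:
    """Return lockfile entries resolving to the affected release. v2/v3 key
    "packages" by node_modules path; v1 nests "dependencies" by name."""
    hits: list[str] = []
    for path, meta in lock.get("packages", {}).items():
        name = path.rsplit("node_modules/", 1)[-1] if path else lock.get("name", "")
        if is_affected(name, meta.get("version", "")):
            hits.append(path)

    def walk(deps: dict, prefix: str) -> None:  # v1: transitive deps nest
        for name, meta in deps.items():
            if is_affected(name, meta.get("version", "")):
                hits.append(prefix + name)
            walk(meta.get("dependencies", {}), f"{prefix}{name} > ")

    if "packages" not in lock:  # v2 carries both sections; avoid double count
        walk(lock.get("dependencies", {}), "")
    return hits

def scan_node_modules(root: str) -> bool:
    """True when the copy installed under <root>/node_modules is the bad release."""
    pkg = Path(root) / "node_modules" / AFFECTED_NAME / "package.json"
    if not pkg.is_file():
        return False
    meta = json.loads(pkg.read_text())
    return is_affected(meta.get("name", ""), meta.get("version", ""))

# Constructed sample lockfile (v3 layout); not from any real project.
SAMPLE_LOCK = {
    "name": "sample-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "sample-app", "version": "1.0.0"},
        "node_modules/@bitwarden/cli": {"version": "2026.4.0"},
        "node_modules/left-pad": {"version": "1.3.0"},
    },
}
```

A hit in either check means the host or pipeline ran the substitute binary, so the credential types in the table above should be treated as exposed and rotated.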
Key Takeaways
- On Apr. 22, a malicious version of Bitwarden's command-line interface appeared on npm under the official package name @bitwarden/cli@2026.4.0
- For 93 minutes, anyone who pulled the CLI through npm received a backdoored substitute for the legitimate tool
- Bitwarden detected the compromise, removed the package, and issued a statement saying it found no evidence that attackers accessed end-user vault data or compromised production systems
- Security research firm JFrog analyzed the malicious payload and found it had no particular interest in Bitwarden vaults
- It targeted GitHub tokens, npm tokens, SSH keys, shell history, AWS credentials, GCP credentials, Azure credentials, GitHub Actions secrets, and AI tooling configuration files