Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
The attackers chose the interface version Commands from the password manager.
The security team discovered the hack on April 23 and linked it to the TeamPCP Altored chain campaign.
ركّز البرمجية الخبيثة على تعليقة الديكورية واسراد CI/CD
I found the harmful malware, which is in the file named bw1.js, its way during the installation of the installation, especially the files that protect digital currencies, private keys, initial phrases, initial мита маск. It also collected GitHub and npm codes, SSH keys, environment variables and cloud trust statements the warehouse.
Explain the JFrog site J Frog That the stolen data was moved to domains controlled by the attackers and returned to GitHub repositories as a backup mechanism للهجوم.
You use many different digital currencies, the command interface is used in the CI/CD lines to digitize secret commands and publish them. Any action using the hacked version may reveal valuable security keys and hacked software application programming keys in trading platforms sensitive.
Adnan Khan, the security researcher, said that this is the first known incident of a security breach publication Reliable from npm, a mechanism designed to remove long-lived symbols.
What the affected users should do
نشاه فرق سوكيت Socket Anyone who installed @bitwarden/cli version 2026,4,0 will change all settings for now. Users must roll back to version 2026.3.0 or convert to binaries officially signed by Bitwarden. official.
The TeamPCP team carried out similar attacks on Trivy, Checkmarx, and LiteLLM since March 2026, targeting both tools and building lines. The basic treasure house remained unaffected. Only the process of building the command interface I found it.
