SITREP: Bitwarden CLI has been compromised due to the Checkmarx supply chain campaign, with the affected package version identified as @bitwarden/cli@2026.4.0. Malicious code was found in a file named 'bw1.js' within the package.

TACTICAL ASSESSMENT: This incident highlights vulnerabilities in supply chain security, particularly for widely used software tools. The compromise of a password management tool raises significant concerns regarding user data security and trust in software integrity.

PROJECTED VECTORS: Further exploitation of the compromised package may lead to increased attacks on users and potential data breaches.
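
An exposure check built from the identifiers in this report, as an added example that is not code from the report or from Bitwarden: it scans a directory tree for npm lockfiles pinning @bitwarden/cli@2026.4.0 and for installed copies of the package containing a file named bw1.js. It assumes standard npm `package-lock.json` layouts (versions 1 to 3) and a `node_modules` install; a `file` finding on its own is a lead to review, since the report names the file but not its path.

```python
import json
import sys
from pathlib import Path

# Identifiers taken from the report above.
PKG, BAD_VERSION, BAD_FILE = "@bitwarden/cli", "2026.4.0", "bw1.js"

def load(path):
    """Parse a JSON file; unreadable or malformed input yields {}."""
    try:
        data = json.loads(path.read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return {}
    return data if isinstance(data, dict) else {}

def lock_hits(lock):
    """Return the lockfile entries that pin the affected version."""
    hits = []
    # lockfileVersion 2/3: flat "packages" map keyed by install path.
    for path, meta in lock.get("packages", {}).items():
        if path.endswith("node_modules/" + PKG) and meta.get("version") == BAD_VERSION:
            hits.append(path)

    def walk(deps, trail):  # lockfileVersion 1: nested "dependencies" tree
        for name, meta in deps.items():
            if name == PKG and meta.get("version") == BAD_VERSION:
                hits.append(" > ".join(trail + [name]))
            walk(meta.get("dependencies", {}), trail + [name])

    if "packages" not in lock:  # v2 files carry both maps; count each pin once
        walk(lock.get("dependencies", {}), [])
    return hits

def scan(root):
    """Walk a directory tree and return (kind, location) findings."""
    findings, root = [], Path(root)
    for lockfile in root.rglob("package-lock.json"):
        findings += [("lockfile", f"{lockfile}: {h}") for h in lock_hits(load(lockfile))]
    for manifest in root.rglob("node_modules/@bitwarden/cli/package.json"):
        if load(manifest).get("version") == BAD_VERSION:
            findings.append(("installed", str(manifest.parent)))
        # The report does not say where in the package the file sits: search it all.
        findings += [("file", str(p)) for p in manifest.parent.rglob(BAD_FILE)]
    return findings

if __name__ == "__main__":
    results = scan(sys.argv[1] if len(sys.argv) > 1 else ".")
    for kind, where in results:
        print(f"{kind}\t{where}")
    sys.exit(1 if results else 0)  # non-zero exit lets CI fail on a finding
```

Run it against a checkout or a build workspace root; it exits non-zero when anything is found, so it can gate a pipeline step.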