Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
Hackaday

Linux Hacks

Considering that Windows NT has the concept of so-called ‘subsystems’ whereby you can run different systems side-by-side, starting with the POSIX subsystem and later the Windows Subsystem for Linux ...
WREG

WREG Memphis Weather

Pretty calm and nice Monday, with temperatures steadily rising to the low 70s after a chilly morning. Mostly sunny skies and a calm northeast breeze for the afternoon. The rest of the work week will ...