Bitwarden CLI npm package compromised to steal developer credentials

Bitwarden's CLI npm package was briefly compromised on April 22, 2026 when attackers published a malicious @bitwarden/cli v2026.4.0 containing a credential-stealing payload that could spread to other projects. The loader fetched the Bun runtime to execute an obfuscated bw1.js that harvested npm tokens, GitHub auth tokens, SSH keys, and cloud credentials and exfiltrated encrypted data via public GitHub repositories. #Bitwarden #TeamPCP

Keypoints

  • A malicious @bitwarden/cli package (v2026.4.0) was briefly published to npm on April 22, 2026.
  • Attackers injected a custom loader that downloaded Bun and executed an obfuscated bw1.js credential stealer.
  • The malware collected npm tokens, GitHub tokens, SSH keys, and AWS/Azure/Google Cloud credentials.
  • Exfiltration was done by creating public GitHub repositories containing encrypted stolen data and a "Shai-Hulud: The Third Coming" marker.
  • Bitwarden revoked the compromised access, deprecated the release, and reported no evidence of vault or production data compromise. Affected users should rotate exposed credentials.
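
To decide whether a project needs the credential rotation mentioned above, a lockfile check can show whether the affected release was ever resolved. The following is an added example, not code from Bitwarden or the original article: it scans a parsed package-lock.json for @bitwarden/cli at v2026.4.0, covering both npm's flat `packages` layout (lockfile v2/v3) and the nested `dependencies` tree (v1). The function names and the sample lockfiles are constructed for illustration.

```javascript
// Added example: flag the compromised release named in the article in a parsed
// package-lock.json. Function names here are hypothetical, not from any tool.
const BAD_NAME = "@bitwarden/cli";
const BAD_VERSION = "2026.4.0"; // version given in the article

// npm lockfile v2/v3: flat "packages" map keyed by install path.
function scanPackages(packages) {
  const hits = [];
  for (const [path, meta] of Object.entries(packages || {})) {
    // The package name is whatever follows the last "node_modules/" segment.
    const idx = path.lastIndexOf("node_modules/");
    if (idx === -1) continue; // root project or workspace entry
    const name = meta.name || path.slice(idx + "node_modules/".length);
    if (name === BAD_NAME && meta.version === BAD_VERSION) hits.push(path);
  }
  return hits;
}

// npm lockfile v1: nested "dependencies" tree, walked recursively.
function scanDependencies(deps, trail = []) {
  const hits = [];
  for (const [name, meta] of Object.entries(deps || {})) {
    const here = [...trail, name];
    if (name === BAD_NAME && meta.version === BAD_VERSION) hits.push(here.join(" > "));
    hits.push(...scanDependencies(meta.dependencies, here));
  }
  return hits;
}

function findCompromised(lock) {
  // v2 lockfiles carry both sections; prefer "packages" to avoid double reporting.
  return lock.packages ? scanPackages(lock.packages) : scanDependencies(lock.dependencies);
}

// Constructed sample lockfiles (not taken from any real project).
const sampleV3 = { lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/@bitwarden/cli": { version: "2026.4.0" },
  "node_modules/tooling/node_modules/@bitwarden/cli": { version: "2026.3.0" },
}};
const sampleV1 = { lockfileVersion: 1, dependencies: {
  tooling: { version: "1.2.0", dependencies: { "@bitwarden/cli": { version: "2026.4.0" } } },
}};

console.log(findCompromised(sampleV3));
console.log(findCompromised(sampleV1));
```

For a real project, pass `findCompromised` the result of `JSON.parse` on the contents of package-lock.json. A clean current lockfile does not rule out an earlier install on a developer machine or CI runner, so lockfile history and build logs from April 22, 2026 are worth checking as well.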

Read More: https://www.bleepingcomputer.com/news/security/bitwarden-cli-npm-package-compromised-to-steal-developer-credentials/