Bitwarden CLI Was Compromised in a Supply Chain Attack: What Developers Must Do Now

Bitwarden's command-line interface package was compromised in a supply chain attack on its CI/CD pipeline. Version 2026.4.0 of @bitwarden/cli, published to npm, contains malicious code that exfiltrates GitHub tokens, AWS credentials, and other cloud authentication secrets. If you installed or updated the Bitwarden CLI in recent days, treat every credential that was reachable from that environment as compromised.

How the Attack Worked

Attackers compromised a GitHub Action in Bitwarden's CI/CD pipeline, the automated workflow that builds and publishes the npm package. The malicious code was injected into bw1.js inside the published package. This is a supply chain attack: rather than attacking users directly, the attacker compromised the build process that produces trusted software, so the malicious code shipped in an artifact that users fetched from a trusted source. A build-time injection of this kind means the repository's source can look clean while the published tarball differs from it, which is why checking the installed artifact matters more than reviewing the source here.

This attack is part of a broader Checkmarx-documented supply chain campaign targeting npm packages. Bitwarden is one of several projects affected.

What Was Targeted and What Was Not

Only the npm CLI package (@bitwarden/cli 2026.4.0) was affected. The Chrome browser extension, the MCP server package, and the desktop application were not compromised. The malicious code targeted development environment credentials, namely GitHub tokens, AWS credentials, and cloud authentication keys, not vault passwords or the credentials stored in Bitwarden accounts.

Bitwarden's user base includes over 10 million users and 50,000 businesses. The attack targeted the subset who installed the CLI and had development credentials accessible in their environment.

What You Must Do Now

If you installed @bitwarden/cli 2026.4.0: rotate every GitHub token and AWS credential that was present on that machine immediately, along with any other cloud credential the CLI process could have read (environment variables, the AWS and GitHub CLI credential files in your home directory, CI job secrets). Then audit your repositories and cloud accounts for activity you did not initiate since the package was published: commits, new deploy keys or workflow changes, deployments, API calls, and resource creation. Check your CI/CD pipelines for unexpected changes. Do not wait to confirm whether your specific environment was affected; rotate first, investigate second.

Bitwarden has pulled the compromised package. After rotating credentials, remove the affected version, update any lockfile that still pins 2026.4.0 so CI does not reinstall it from a cached tarball, clear the npm cache, and install the latest clean version. Then confirm with npm ls that the version you are actually running is no longer 2026.4.0.
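As an added example (not Bitwarden's tooling, and not code from the Checkmarx report), the following POSIX shell script covers the steps above: it finds the compromised release in package-lock.json files and in a global npm install, and wraps the repository and CloudTrail audit queries. The package name and version come from this page; the sample lockfile in demo() is constructed for illustration, the gh and aws helpers assume those CLIs are installed and authenticated, and the timestamp you pass them is your own install date, since the publication time is not given here.

```shell
#!/bin/sh
# Added example (not Bitwarden's tooling): locate the compromised @bitwarden/cli
# release in npm lockfiles and global installs, then run post-incident audit
# queries. Package name and version are taken from the advisory text; the
# lockfile written by demo() is constructed, not a real project's.

AFFECTED_PKG='@bitwarden/cli'
AFFECTED_VER='2026.4.0'

# Exit 0 when the given version string is the compromised release.
is_affected_version() {
  [ "$1" = "$AFFECTED_VER" ]
}

# Print every version of @bitwarden/cli recorded in a package-lock.json
# (lockfileVersion 2/3 "packages" layout), including nested copies under
# another dependency's node_modules. awk instead of jq so it runs on a bare CI image.
lockfile_bw_versions() {
  awk -v pat="\"node_modules/(.*/)?$AFFECTED_PKG\":" '
    $0 ~ pat              { found = 1; next }   # entry for the CLI itself
    /^ *"node_modules\//  { found = 0 }         # any other entry ends the match
    found && /"version":/ { gsub(/[",]/, "", $2); print $2; found = 0 }
  ' "$1"
}

# Exit 0 when a lockfile pins the compromised release anywhere in its tree.
scan_lockfile() {
  for v in $(lockfile_bw_versions "$1"); do
    if is_affected_version "$v"; then return 0; fi
  done
  return 1
}

# Walk a source tree, skipping node_modules, and print each affected lockfile.
scan_tree() {
  find "$1" -name package-lock.json ! -path '*/node_modules/*' |
  while read -r f; do
    if scan_lockfile "$f"; then echo "AFFECTED: $f"; fi
  done
}

# Version of the globally installed CLI, or empty when npm or the package is absent.
# `npm ls -g <pkg> --depth=0` prints a line like "└── @bitwarden/cli@2026.3.1".
installed_bw_version() {
  command -v npm >/dev/null 2>&1 || return 1
  npm ls -g "$AFFECTED_PKG" --depth=0 2>/dev/null |
    sed -n "s|.*$AFFECTED_PKG@\([^ ]*\).*|\1|p"
}

# Audit helpers for the window after the package landed. Both need an
# authenticated CLI; $1 is an ISO-8601 timestamp (e.g. 2026-04-01T00:00:00Z).
# Lists commits on every repository you can see, oldest-first per repo.
audit_github_commits_since() {
  gh api /user/repos --paginate -q '.[].full_name' |
  while read -r repo; do
    gh api "/repos/$repo/commits?since=$1" \
      -q '.[] | "\(.sha[0:7]) \(.commit.author.date) \(.commit.message | split("\n")[0])"' |
      sed "s|^|$repo |"
  done
}

# Recent CloudTrail management events: who called what, and when.
audit_cloudtrail_since() {
  aws cloudtrail lookup-events --start-time "$1" --max-results 50 \
    --query 'Events[].{time:EventTime,name:EventName,user:Username}' --output table
}

# Stand-alone run against a constructed lockfile that pins the bad release.
demo() {
  tmp=$(mktemp -d)
  cat > "$tmp/package-lock.json" <<'EOF'
{
  "name": "example-app",
  "lockfileVersion": 3,
  "packages": {
    "": { "devDependencies": { "@bitwarden/cli": "2026.4.0" } },
    "node_modules/@bitwarden/cli": {
      "version": "2026.4.0",
      "resolved": "https://registry.npmjs.org/@bitwarden/cli/-/cli-2026.4.0.tgz"
    }
  }
}
EOF
  scan_tree "$tmp"
  v=$(installed_bw_version) || v=''
  if [ -n "$v" ] && is_affected_version "$v"; then echo "AFFECTED: global install $v"; fi
  rm -rf "$tmp"
}

demo
```

Point scan_tree at your checkouts and CI workspaces; it only parses package-lock.json, so yarn.lock and pnpm-lock.yaml need the equivalent grep for the package name. Credential rotation itself is deliberately not scripted, because how a token is revoked depends on how it was issued (personal token, GitHub App, IAM user key, or a role session).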

My Take

Supply chain attacks that go through a CI/CD pipeline are becoming the dominant vector for credential theft at scale. Attackers have realized that poisoning one trusted package used by 50,000 businesses is far more efficient than attacking those businesses one at a time. The Bitwarden CLI compromise is a reminder that "installed from npm" is not a trust signal. Every development team should audit which npm packages run in CI jobs that hold production credentials, and how narrowly those credentials are scoped: a dependency install step does not need an AWS administrator key or a GitHub token with write access to do its job.
