Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
Cybernews

Checkmarx hit again, popular tools spreading credential-stealing malware

Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...

Jets may have been overconfident after 2024-25 success: Cheveldayoff

Jets stumbled to a 35-35-12 finish a year after winning the Presidents’ Trophy for posting the NHL’s top record ...

Coronation Street boss lost sleep over ‘banging’ murder episodes ahead

Coronation Street fans are gearing up to uncover which villain is set to meet their maker on Carla Connor ( Alison King) and ...

These Chrome Extensions Are Stealing Your Data – Uninstall Them Immediately

Browser extensions are mostly harmless, but unfortunately, these Chrome extensions are the opposite and pose imminent risk to ...
LGBTQ Nation

White House walks back Trump’s “Fanta cures cancer” statements: It was just a “joke”!

The White House is now claiming that Donald Trump’s repeatedly stated belief that “freshly squeezed” Fanta cures cancer was ...

108 Google Chrome Extensions Are Stealing User Data, Over 20,000 Users Affected

Collectively, the extensions amassed about 20,000 installs in the Chrome Web Store. All 108 extensions route stolen ...
LGBTQ Nation

Donald Trump reportedly thinks “freshly squeezed” Fanta cures cancer

Dr. Mehmet Oz, who Donald Trump appointed as the administrator of the Centers for Medicare & Medicaid Services (CMS), said ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Computer Weekly

April Patch Tuesday brings zero-days in Defender, SharePoint Server

The latest monthly Patch Tuesday update from Microsoft landed earlier on 14 April, including two notable zero-day flaws amid ...
The Hacker News

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

According to Socket, the extensions (complete list here) are published under five distinct publisher identities – Yana ...