The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects. [...]
Bitwarden CLI npm package compromised to steal developer credentials
Résumé + lien vers la source. Sans paywall, sans tracking.