Bitwarden CLI Hit by Supply Chain Attack, Developers Warned to Act Immediately


Bitwarden has confirmed a security incident involving its CLI tool, where attackers briefly distributed a malicious version through the npm registry. The company says regular users are safe, but developers who installed the affected version could be at risk.

The attack targeted Bitwarden’s CLI tool, which is mainly used by developers and system administrators to manage vaults through the command line.

A compromised version of the package was published on npm between 5:57 p.m. and 7:30 p.m. (ET) on April 22, 2026. This version contained hidden malware designed to steal sensitive data.

Bitwarden has confirmed the timeline and said that the issue was limited to this short window. It also stated that:

  • Vault data remains secure
  • Core systems were not breached
  • No other products were affected

This is not a mass user breach. The impact is limited, but still serious. According to security researchers, only around 334 developers downloaded the malicious version. However, even a small number matters in a supply chain attack.

If a developer machine is compromised, attackers can:

  • Access internal systems
  • Steal credentials
  • Move deeper into company infrastructure

This is why security experts are treating the incident seriously.

Reports from security firms suggest the attack started with a compromised GitHub account linked to a Bitwarden engineer. Attackers then created a malicious build, modified the release workflow, and used automation to publish the infected package to npm. They also removed traces like workflow logs and release tags to avoid detection.

The malware was designed to quietly collect sensitive data, including SSH keys, API tokens, cloud credentials (AWS, GCP), and environment variables. It also targeted secrets from AI tools like Claude Code and Codex CLI.

This attack seems to be part of a broader wave of supply chain attacks. Some researchers suspect a connection to a group known as TeamPCP, but attribution is still unclear.

Bitwarden has been clear that only users who installed the CLI during the affected window are impacted. Its internal systems and user vaults are safe. So, most users do not need to worry.

If you installed Bitwarden CLI version 2026.4.0 during the affected time, you should act immediately. You should uninstall the compromised package, check your system for unknown files or scripts, rotate all credentials, including API keys and cloud access, and review CI/CD pipelines for suspicious changes.

Even if there are no visible signs of compromise, it is safer to assume credentials may have been exposed.
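
One way to run the first of these checks across a developer machine or CI workspace is sketched below. It is an added example, not code from Bitwarden or from the original article: a Python scan for `package-lock.json` files that pin version 2026.4.0 and for installed copies of it. The npm package name `@bitwarden/cli` is an assumption, since the article does not give it.

```python
import json
import sys
from pathlib import Path

PACKAGE = "@bitwarden/cli"  # assumption: npm name of the Bitwarden CLI (not given in the article)
AFFECTED = "2026.4.0"       # affected version named in the article

def lock_versions(lock_path):
    """Return every version of PACKAGE recorded in a package-lock.json (formats v1-v3)."""
    data = json.loads(Path(lock_path).read_text(encoding="utf-8"))
    found = set()
    # v2/v3: "packages" is keyed by install path, e.g. "node_modules/@bitwarden/cli"
    for key, meta in data.get("packages", {}).items():
        if ("/" + key).endswith("/node_modules/" + PACKAGE):
            found.add(meta.get("version"))
    # v1/v2: "dependencies" is keyed by name and nests for transitive installs
    stack = [data.get("dependencies", {})]
    while stack:
        for name, meta in stack.pop().items():
            if isinstance(meta, dict):
                if name == PACKAGE:
                    found.add(meta.get("version"))
                stack.append(meta.get("dependencies", {}))
    return found

def find_affected(root):
    """Return sorted (path, kind) pairs where AFFECTED is pinned or installed under root."""
    hits = set()
    for lock in Path(root).rglob("package-lock.json"):
        try:
            if AFFECTED in lock_versions(lock):
                hits.add((str(lock), "lockfile"))
        except (OSError, ValueError, AttributeError):
            continue  # unreadable or malformed lockfile
    for manifest in Path(root).rglob("node_modules/" + PACKAGE + "/package.json"):
        try:
            meta = json.loads(manifest.read_text(encoding="utf-8"))
            if meta.get("name") == PACKAGE and meta.get("version") == AFFECTED:
                hits.add((str(manifest.parent), "installed"))
        except (OSError, ValueError, AttributeError):
            continue  # unreadable or malformed manifest
    return sorted(hits)

if __name__ == "__main__":
    # Usage: python check_bw_cli.py <dir> [<dir> ...]; exits 1 if anything is found
    results = [hit for root in sys.argv[1:] or ["."] for hit in find_affected(root)]
    for path, kind in results:
        print(f"{kind}: {path}")
    sys.exit(1 if results else 0)
```

A hit only shows that version 2026.4.0 is pinned or present; compare the install time against the window given above when deciding scope.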


Deepanker Verma

About the Author: Deepanker Verma

Deepanker Verma is the Founder and Editor-in-Chief of TechloMedia. He holds an engineering degree in Computer Science and has over 15 years of experience in the technology sector. Deepanker bridges the gap between complex engineering and consumer electronics. He is also a known security researcher acknowledged by global giants including Apple, Microsoft, and eBay. He uses his technical background to rigorously test gadgets, focusing on performance, security, and long-term value.
