Back to Blog

#npm Security

4 posts
Bitwarden CLI npm compromise exposes CI/CD credential risk
Supply Chain Security
Incident
Supply Chain

Bitwarden CLI npm compromise exposes CI/CD credential risk

Bitwarden CLI npm compromise exposes CI/CD credential risk A brief compromise of the Bitwarden CLI npm distribution is still a high-priority defender story beca...

April 24, 2026
5 min read
Lucas Oliveira
Axios npm compromise pushed a cross-platform RAT through a fake dependency
Supply Chain Security
npm Security
Supply Chain Attack

Axios npm compromise pushed a cross-platform RAT through a fake dependency

Axios npm compromise pushed a cross-platform RAT through a fake dependency A compromise of the widely used axios package on npm shows why defenders cannot rely...

April 1, 2026
5 min read
Lucas Oliveira
GlassWorm Shifts to Transitive Open VSX Dependencies in Developer Supply-Chain Push
Threat Hunting & Intel
Incident
Threat Intel

GlassWorm Shifts to Transitive Open VSX Dependencies in Developer Supply-Chain Push

GlassWorm Shifts to Transitive Open VSX Dependencies in Developer Supply-Chain Push GlassWorm is no longer just a story about obviously malicious extensions. Th...

March 21, 2026
5 min read
Lucas Oliveira
Cline CLI 2.3.0 supply chain attack silently installed OpenClaw on developer systems
Threat Hunting & Intel
Incident
Supply Chain Security

Cline CLI 2.3.0 supply chain attack silently installed OpenClaw on developer systems

Cline CLI 2.3.0 supply chain attack silently installed OpenClaw on developer systems Executive summary The Cline CLI supply chain incident is a practical remind...

March 19, 2026
5 min read
Lucas Oliveira

Tags

Account Takeover
6
AI Security
6
Authentication Bypass
5
Cisco
5
CI/CD Security
4
AWS
2
Browser Security
2
Access Control
1
ActiveMQ
1
Apache
1