GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...

CheckMarx confirms March 2026 attack did result in data theft.

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...

This was not a case of stolen credentials, but rather of vulnerability exploitation.

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

The Proton team has released a roadmap of features it plans to launch later this year for its password manager, Proton Pass.

Bitwarden CLI 2026.4.0 was compromised in a supply chain attack that targets crypto wallet keys, SSH keys, and CI/CD secrets.

Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one ...

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...