SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
BeInCrypto

Bitwarden CLI Supply Chain Attack Puts Crypto Wallet Keys at Risk

Bitwarden CLI 2026.4.0 was compromised in a supply chain attack that targets crypto wallet keys, SSH keys, and CI/CD secrets.
Security Boulevard

Attacking the MCP Trust Boundary

Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol ...
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
Every

Mini-Vibe Check: Claude Design Isn’t for Designers—Yet

Anthropic recently launched Claude Design, a web-based tool that lets you feed Claude a GitHub repo, Figma file, or brand kit ...

Lovable admits error in chat visibility settings, says issue fixed now

Lovable, an app-building platform, has apologized for chat data exposure in public projects. The company clarified it was a ...

eScan Enterprise EDR Wins AV-TEST Award 2025 for Best Advanced Protection

Scan Enterprise EDR wins AV-TEST award 2025 for best advanced protection against ransomware and infostealers When ...