BITWARDEN CLI NPM PACKAGE POISONED WITH CREDENTIAL STEALER

Attackers compromised the @bitwarden/cli package on npm, injecting malicious code designed to steal developer credentials. The malicious version was removed after discovery, but exposed a supply chain vulnerability affecting password manager users.