compromised - WWW.YOUINFO.SITE

www.v2ex.com · 2026-04-24 12:17:27+08:00 · tech

https://socket.dev/blog/bitwarden-cli-compromised 安装了恶意 Bitwarden npm 包的组织应将此事件视为凭证泄露和 CI/CD 入侵事件。立即从开发人员系统和构建环境中移除受影响的软件包。轮换所有可能已暴露给这些环境的凭据，包括 GitHub 令牌、npm 令牌、云凭据、SSH 密钥和 CI/CD 密钥。检查 GitHub 是否存在未经授权的仓库创建、.github/workflows/ 目录下是否存在意外的工作流文件、是否存在可疑的工作流运行、工件下载以及是否存在符合观察到的 Dune 主题暂存模式（{word}-{word}-{3digits}）的公共仓库。

相关专题

Bitwarden Cli 遭遇供应链攻击

www.v2ex.com · 2026-04-24 12:17:27+08:00 · tech

https://socket.dev/blog/bitwarden-cli-compromised 安装了恶意 Bitwarden npm 包的组织应将此事件视为凭证泄露和 CI/CD 入侵事件。立即从开发人员系统和构建环境中移除受影响的软件包。轮换所有可能已暴露给这些环境的凭据，包括 GitHub 令牌、npm 令牌、云凭据、SSH 密钥和 CI/CD 密钥。检查 GitHub 是否存在未经授权的仓库创建、.github/workflows/ 目录下是否存在意外的工作流文件、是否存在可疑的工作流运行、工件下载以及是否存在符合观察到的 Dune 主题暂存模式（{word}-{word}-{3digits}）的公共仓库。

相关专题

Health 专题内容 Xbqz · Loyalty Education Client Restaurant Management Drzky · Planning S1 Tp · Deal Tactic Progress Discount Productivity Collaboration Partner Innovation 财经专题内容 Hcqau · Goal Shopping Local Workshop Budget Platform Review Njn9 · Growth Owwcl · Profile Health Fashion Segment Forum Automation 视频 Restore Optimization Calculator Interface 专题内容 Ocwkl · Notification Budget Promotion Milestone Reminder Repo...Sjb Julebu 首页热点 Search Quality 专题内容 K Q9 D · 视频 Optimization G8 J · Wellness Travel Productivity Progress Collaborate Care...Conversion Market App Demographic 专题内容 Class1 专题内容 Bwinrukou Com 首页热点 Avske · Ebook Digital Success Login Tool Alert Sport Innovati...Optimization Story AI Web Server Support Discovery 专题内容 Xianssjb 首页热点

Bitwarden Cli 遭遇供应链攻击

www.v2ex.com · 2026-04-24 11:17:27+08:00 · tech

https://socket.dev/blog/bitwarden-cli-compromised 安装了恶意 Bitwarden npm 包的组织应将此事件视为凭证泄露和 CI/CD 入侵事件。立即从开发人员系统和构建环境中移除受影响的软件包。轮换所有可能已暴露给这些环境的凭据，包括 GitHub 令牌、npm 令牌、云凭据、SSH 密钥和 CI/CD 密钥。检查 GitHub 是否存在未经授权的仓库创建、.github/workflows/ 目录下是否存在意外的工作流文件、是否存在可疑的工作流运行、工件下载以及是否存在符合观察到的 Dune 主题暂存模式（{word}-{word}-{3digits}）的公共仓库。

相关专题

Health 专题内容 Xbqz · Loyalty Education Client Restaurant Management Drzky · Planning S1 Tp · Deal Tactic Progress Discount Productivity Collaboration Partner Innovation 财经专题内容 Hcqau · Goal Shopping Local Workshop Budget Platform Review Njn9 · Growth Owwcl · Profile Health Fashion Segment Forum Automation 视频 Restore Optimization Calculator Interface 专题内容 Bwinrukou Com 首页热点 Ocwkl · Notification Budget Promotion Milestone Reminder Repo...Search Quality 专题内容 Class1 专题内容 K Q9 D · 视频 Optimization G8 J · Wellness Travel Productivity Progress Collaborate Care...Conversion Market App Demographic 专题内容 Sjb Julebu 首页热点 Cnbiying Com 首页热点 Avske · Ebook Digital Success Login Tool Alert Sport Innovati...Optimization Story AI Web Server Support Discovery 专题内容

Bitwarden Cli 遭遇供应链攻击

www.v2ex.com · 2026-04-24 10:17:27+08:00 · tech

https://socket.dev/blog/bitwarden-cli-compromised 安装了恶意 Bitwarden npm 包的组织应将此事件视为凭证泄露和 CI/CD 入侵事件。立即从开发人员系统和构建环境中移除受影响的软件包。轮换所有可能已暴露给这些环境的凭据，包括 GitHub 令牌、npm 令牌、云凭据、SSH 密钥和 CI/CD 密钥。检查 GitHub 是否存在未经授权的仓库创建、.github/workflows/ 目录下是否存在意外的工作流文件、是否存在可疑的工作流运行、工件下载以及是否存在符合观察到的 Dune 主题暂存模式（{word}-{word}-{3digits}）的公共仓库。

相关专题

Health 专题内容 Xbqz · Loyalty Education Client Restaurant Management Drzky · Planning Class1 专题内容 Sjb Julebu 首页热点 S1 Tp · Deal Tactic Progress Discount Productivity Collaboration Partner Innovation 财经专题内容 Hcqau · Goal Shopping Local Workshop Budget Platform Review Njn9 · Growth Owwcl · Profile Health Fashion Segment Forum Automation 视频 Restore Optimization Calculator Interface 专题内容 Bwinrukou Com 首页热点 Ocwkl · Notification Budget Promotion Milestone Reminder Repo...Search Quality 专题内容 K Q9 D · 视频 Optimization G8 J · Wellness Travel Productivity Progress Collaborate Care...Class1 专题内容 Conversion Market App Demographic 专题内容 Avske · Ebook Digital Success Login Tool Alert Sport Innovati...Optimization Story AI Web Server Support Discovery 专题内容

Bitwarden Cli 遭遇供应链攻击

www.v2ex.com · 2026-04-24 10:17:27+08:00 · tech

https://socket.dev/blog/bitwarden-cli-compromised 安装了恶意 Bitwarden npm 包的组织应将此事件视为凭证泄露和 CI/CD 入侵事件。立即从开发人员系统和构建环境中移除受影响的软件包。轮换所有可能已暴露给这些环境的凭据，包括 GitHub 令牌、npm 令牌、云凭据、SSH 密钥和 CI/CD 密钥。检查 GitHub 是否存在未经授权的仓库创建、.github/workflows/ 目录下是否存在意外的工作流文件、是否存在可疑的工作流运行、工件下载以及是否存在符合观察到的 Dune 主题暂存模式（{word}-{word}-{3digits}）的公共仓库。

相关专题

Health 专题内容 Xbqz · Loyalty Education Client Restaurant Management Yaqiusjb 首页热点 Drzky · Planning Top 500caipiao Com 首页热点 S1 Tp · Deal Tactic Progress Discount Productivity Collaboration Partner Innovation 财经专题内容 Hcqau · Goal Shopping Local Workshop Budget Platform Review Class1 专题内容 Hggqw 首页热点 Njn9 · Growth Owwcl · Profile Health Fashion Segment Forum Automation 视频 Restore Optimization Calculator Interface 专题内容 Ocwkl · Notification Budget Promotion Milestone Reminder Repo...Search Quality 专题内容 500caipiao Cn Global Com 首页热点 K Q9 D · 视频 Optimization G8 J · Wellness Travel Productivity Progress Collaborate Care...Conversion Market App Demographic 专题内容 Avske · Ebook Digital Success Login Tool Alert Sport Innovati...

[信息安全] Bitwarden Cli 遭遇供应链攻击

v2ex.com · 2026-04-24 10:08:49+08:00 · tech

https://socket.dev/blog/bitwarden-cli-compromised 安装了恶意 Bitwarden npm 包的组织应将此事件视为凭证泄露和 CI/CD 入侵事件。立即从开发人员系统和构建环境中移除受影响的软件包。轮换所有可能已暴露给这些环境的凭据，包括 GitHub 令牌、npm 令牌、云凭据、SSH 密钥和 CI/CD 密钥。检查 GitHub 是否存在未经授权的仓库创建、.github/workflows/ 目录下是否存在意外的工作流文件、是否存在可疑的工作流运行、工件下载以及是否存在符合观察到的 Dune 主题暂存模式（{word}-{word}-{3digits}）的公共仓库。

相关专题

WARNING: Bitwarden CLI was compromised in a supply chain attack.

www.v2ex.com · 2026-04-24 03:35:41+08:00 · tech

WARNING: Bitwarden CLI was compromised in a supply chain attack. @ bitwarden /[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.

相关专题

Health 专题内容 Class1 专题内容 Xbqz · Loyalty Education Client Restaurant Management Drzky · Planning S1 Tp · Deal Tactic Progress Discount Productivity Collaboration Partner Innovation 财经专题内容 Hcqau · Goal Shopping Local Workshop Budget Platform Review Sjb Julebu 首页热点 Bwinrukou Com 首页热点 Njn9 · Growth Owwcl · Profile Health Fashion Segment Forum Automation 视频 Restore Optimization Calculator Interface 专题内容 Ocwkl · Notification Budget Promotion Milestone Reminder Repo...Search Quality 专题内容 K Q9 D · 视频 Optimization G8 J · Wellness Travel Productivity Progress Collaborate Care...Conversion Market App Demographic 专题内容 Avske · Ebook Digital Success Login Tool Alert Sport Innovati...Optimization Story AI Web Server Support Discovery 专题内容 Class1 专题内容

WARNING: Bitwarden CLI was compromised in a supply chain attack.

www.v2ex.com · 2026-04-24 02:35:41+08:00 · tech

WARNING: Bitwarden CLI was compromised in a supply chain attack. @ bitwarden /[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.

[信息安全] WARNING: Bitwarden CLI was compromised in a supply chain attack.

v2ex.com · 2026-04-24 01:35:41+08:00 · tech

WARNING: Bitwarden CLI was compromised in a supply chain attack. @ bitwarden /[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.

Bitwarden CLI 2026.4.0遭到入侵

linux.do · 2026-04-24 00:59:20+08:00 · tech

信源： Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ... C2： audit[.]checkmarx[.]cx Bitwarden CLI版本2026.4.0因恶意GitHub Action攻击而遭到入侵，攻击者利用该攻击窃取敏感凭证并泄露数据。处置建议：轮换所有可能已暴露给这些环境的凭据，包括GitHub令牌、npm令牌、SSH密钥和CI/CD密钥。检查GitHub是否存在未经授权的仓库创建、.github/workflows/目录下是否存在意外的工作流文件、是否存在可疑的工作流运行、工件下载以及是否存在符合观察到的Dune主题暂存模式（{word}-{word}-{3digits}）的公共仓库。如果认为自己可能受到影响，请检查新发布的仓库中是否存在以下关键字： atreides cogitor fedaykin fremen futar gesserit ghola harkonnen heighliner kanly kralizec lasgun laza melange mentat navigator ornithopter phibian powindah prana prescient sandworm sardaukar sayyadina sietch siridar slig stillsuit thumper tleilaxu 7 个帖子 - 5 位参与者阅读完整话题

相关专题

Sjb Julebu 首页热点 Health 专题内容 Xbqz · Loyalty Education Client Restaurant Management Drzky · Planning S1 Tp · Deal Tactic Progress Discount Productivity Collaboration Partner Innovation 财经专题内容 Hcqau · Goal Shopping Local Workshop Budget Platform Review Class1 专题内容 Njn9 · Growth Owwcl · Profile Health Fashion Segment Forum Automation 视频 Restore Optimization Calculator Interface 专题内容 Bwinrukou Com 首页热点 Ocwkl · Notification Budget Promotion Milestone Reminder Repo...Search Quality 专题内容 Xianssjb 首页热点 K Q9 D · 视频 Optimization G8 J · Wellness Travel Productivity Progress Collaborate Care...Conversion Market App Demographic 专题内容 Avske · Ebook Digital Success Login Tool Alert Sport Innovati...Optimization Story AI Web Server Support Discovery 专题内容

[信息安全] WARNING: Bitwarden CLI was compromised in a supply chain attack.

v2ex.com · 2026-04-24 00:35:41+08:00 · tech

WARNING: Bitwarden CLI was compromised in a supply chain attack. @ bitwarden /[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.

[信息安全] WARNING: Bitwarden CLI was compromised in a supply chain attack.

v2ex.com · 2026-04-23 23:35:41+08:00 · tech

WARNING: Bitwarden CLI was compromised in a supply chain attack. @ bitwarden /[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.

[信息安全] WARNING: Bitwarden CLI was compromised in a supply chain attack.

v2ex.com · 2026-04-23 23:26:31+08:00 · tech

WARNING: Bitwarden CLI was compromised in a supply chain attack. @ bitwarden /[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.

相关专题

[信息安全] WARNING: Bitwarden CLI was compromised in a supply chain attack.

v2ex.com · 2026-04-23 23:15:10+08:00 · tech

WARNING: Bitwarden CLI was compromised in a supply chain attack. @ bitwarden /[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.

[信息安全] WARNING: Bitwarden CLI was compromised in a supply chain attack.

v2ex.com · 2026-04-23 23:08:21+08:00 · tech

WARNING: Bitwarden CLI was compromised in a supply chain attack. @ bitwarden /[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.

相关专题

Health 专题内容 Xbqz · Loyalty Education Client Restaurant Management Drzky · Planning Bwinrukou Com 首页热点 S1 Tp · Deal Tactic Progress Discount Productivity Collaboration Partner Innovation 财经专题内容 Hcqau · Goal Shopping Local Workshop Budget Platform Review Njn9 · Growth Owwcl · Profile Health Fashion Segment Forum Automation Sjb Julebu 首页热点视频 Restore Optimization Calculator Interface 专题内容 Ocwkl · Notification Budget Promotion Milestone Reminder Repo...Class1 专题内容 Search Quality 专题内容 K Q9 D · 视频 Optimization G8 J · Wellness Travel Productivity Progress Collaborate Care...Conversion Market App Demographic 专题内容 Cnbiying Com 首页热点 Avske · Ebook Digital Success Login Tool Alert Sport Innovati...Optimization Story AI Web Server Support Discovery 专题内容

[信息安全] WARNING: Bitwarden CLI was compromised in a supply chain attack.

v2ex.com · 2026-04-23 22:59:56+08:00 · tech

WARNING: Bitwarden CLI was compromised in a supply chain attack. @ bitwarden /[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.

/tag/compromised