Threat Intelligence Report

Bitwarden CLI Hijacked in npm Supply Chain Attack Linked to TeamPCP & Checkmarx Breach

📅 May 10, 2026 📰 socradar.io 🔍 0 CVE(s) referenced

A sophisticated supply chain attack by TeamPCP hijacked the Bitwarden CLI npm package for 90 minutes, stealthily harvesting developer credentials, cloud secrets, and CI/CD tokens through advanced credential theft and exfiltration techniques, with evidence linking it to the concurrent Checkmarx breach.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle