Bitwarden CLI Supply Chain Attack Puts Crypto Wallet Keys at Risk

Attackers hijacked password manager Bitwarden’s CLI version 2026.4.0 through a compromised GitHub Action, publishing a malicious npm package that actively steals crypto wallet data and developer credentials.

Security firm Socket discovered the breach on April 23 and linked it to the ongoing TeamPCP supply chain campaign. The rogue npm version has since been pulled.

Malware Target Risks Crypto Wallets and CI/CD Secrets

The malicious payload, embedded in a file called bw1.js, ran during package installation and harvested GitHub and npm tokens, SSH keys, environment variables, shell history, and cloud credentials.

TeamPCP’s broader campaign is separately confirmed to target crypto wallet data, including MetaMask, Phantom, and Solana wallet files.

According to JFrog, the stolen data was exfiltrated to attacker-controlled domains and committed back to GitHub repositories as a persistence mechanism.

Many crypto teams use the Bitwarden CLI in automated CI/CD pipelines for secrets injection and deployments. Any workflows that ran the compromised version may have exposed high-value wallet keys and exchange API credentials.

Security researcher Adnan Khan noted this is the first known compromise of a package using npm’s trusted publishing mechanism, which was designed to eliminate long-lived tokens.

What Affected Users Should Do

Socket recommends that anyone who installed @bitwarden/cli version 2026.4.0 rotate every exposed secret immediately.

Users should downgrade to version 2026.3.0 or switch to official signed binaries from Bitwarden’s website.

TeamPCP has chained similar attacks against Trivy, Checkmarx, and LiteLLM since March 2026, targeting developer tools that sit deep in build pipelines.

Bitwarden’s core vault remains unaffected. Only the CLI build process was compromised.