by dimitry12 49 days ago
From Bitwarden's official statement: https://community.bitwarden.com/t/bitwarden-statement-on-che...

"a malicious package that was briefly distributed"

"investigation found no evidence that end user vault data was accessed or at risk"

"The issue affected the npm distribution mechanism for the CLI during that limited window, not the integrity of the legitimate Bitwarden CLI codebase or stored vault data."

"Users who did not download the package from npm during that window were not affected."

Downplaying so hard it's disgusting. Bitwarden failed and became a vector of attack. A vendor who is responsible for all my passwords. What a joke. All trust lost: by the incident and comms-style. Time to move before they make an even bigger mistake.