SecureNexus GRC

© 2026 X-Biz TechVentures Pvt. Ltd. All rights reserved.

The Publish Pipeline Is the New Attack Surface: Lessons from the Bitwarden Workflow Incident

Yash Kumar | 2026-04-23 | 8 min read

Tags: Bitwarden, Supply Chain Attack, npm, GitHub Actions, CI/CD Security, DevSecOps, Credential Theft, Incident Response, Publish Pipeline, Workflow Compromise, Version Pinning, Minimum Release Age, Malicious Package, Software Supply Chain

On April 22, 2026, a malicious version of @bitwarden/[email protected] was published to npm through a compromise of Bitwarden's own publishing workflow. The exposure window was approximately 93 minutes (5:57 PM to 7:30 PM ET). Bitwarden confirmed the compromise was connected to the ongoing Checkmarx supply chain incident disclosed the same day. End-user vault data, production systems, and the legitimate Bitwarden codebase were not impacted; only users who installed @bitwarden/[email protected] from npm during that narrow window were potentially affected. This post covers what Bitwarden has officially confirmed, the response steps for affected teams, and the broader lesson that CI/CD publishing pipelines are themselves the attack surface.


On April 22, 2026, a malicious version of @bitwarden/[email protected] was published to npm as part of a larger supply chain campaign. The issue originated in Bitwarden's publishing workflow and was connected to the Checkmarx incident disclosed the same day.

This case highlights a growing reality: attackers are shifting focus from vulnerable dependencies to the publish pipelines that produce and distribute software.

What Happened (Official Details)

According to Bitwarden's statement:

  • A malicious package was briefly distributed through the npm delivery path for @bitwarden/[email protected].
  • The exposure window was very short: April 22, 2026, between 5:57 PM and 7:30 PM ET (roughly 93 minutes).
  • The compromise was linked to the ongoing Checkmarx supply chain incident.
  • No impact on end-user vault data, production systems, or the legitimate Bitwarden CLI codebase.
  • Bitwarden immediately revoked access, deprecated the release, and coordinated with npm for removal.

Only users who installed exactly @bitwarden/[email protected] from npm during that narrow window were potentially affected.

For full details on the broader campaign, see Checkmarx's official security update: Checkmarx Security Update — April 22, 2026.

How the Attack Reached npm

The malicious version was published through Bitwarden's own GitHub Actions workflow responsible for releasing the CLI. This allowed attackers to bypass traditional source code reviews by targeting the CI/CD pipeline itself — a pattern also observed in the related Checkmarx compromises.

Who Should Take Action?

You are affected only if you ran:

    npm install @bitwarden/[email protected]

(or used it via npx) during that short window on April 22.

Immediate Response Steps

  1. Rotate all credentials — GitHub tokens, cloud keys (AWS, Azure, GCP), npm tokens, SSH keys, and any secrets accessible from the affected machine.
  2. Remove the malicious version and reinstall a safe release (@bitwarden/[email protected] or the latest clean version).
  3. Audit build logs for unexpected workflow runs around April 22.
  4. Review GitHub Actions — pay special attention to publishing workflows and secret handling.
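As an added example (not Bitwarden's tooling and not code from this post's author), the script below supports steps 2 and 3: it walks a directory tree for npm lockfiles (package-lock.json and npm-shrinkwrap.json, lockfile v1 through v3) and reports every recorded copy of @bitwarden/cli whose version is in an affected set. The affected version string is a placeholder because the exact version is not reproduced here; the two lockfile samples at the bottom are constructed.

```python
"""Locate installs of an affected npm package version across a directory tree.

Added example for this post, not Bitwarden's or SecureNexus's tooling.
The package name comes from the post; AFFECTED_VERSIONS holds a PLACEHOLDER
string because the exact version is not reproduced here. Substitute the
version from Bitwarden's advisory before running it for real.
"""
import json
import os
from pathlib import Path

PACKAGE = "@bitwarden/cli"
# PLACEHOLDER: replace with the exact version named in the Bitwarden advisory.
AFFECTED_VERSIONS = {"0.0.0-AFFECTED-PLACEHOLDER"}
LOCKFILE_NAMES = ("package-lock.json", "npm-shrinkwrap.json")


def installed_versions(lock, package):
    """Yield (install_path, version) for each copy of `package` in a parsed lockfile.

    Lockfile v2/v3 keeps a flat "packages" map keyed by install path
    ("node_modules/@bitwarden/cli", or nested ".../node_modules/@bitwarden/cli");
    lockfile v1 nests entries under "dependencies" instead.
    """
    if "packages" in lock:
        for path, entry in lock["packages"].items():
            if path == f"node_modules/{package}" or path.endswith(f"/node_modules/{package}"):
                yield path, entry.get("version")
        return

    def walk_v1(deps, prefix):
        for name, entry in deps.items():
            here = f"{prefix}node_modules/{name}"
            if name == package:
                yield here, entry.get("version")
            yield from walk_v1(entry.get("dependencies", {}), here + "/")

    yield from walk_v1(lock.get("dependencies", {}), "")


def scan_lockfile(text, package=PACKAGE, affected=AFFECTED_VERSIONS):
    """Return [(install_path, version)] for copies whose version is in `affected`."""
    lock = json.loads(text)
    return [(p, v) for p, v in installed_versions(lock, package) if v in affected]


def scan_tree(root, package=PACKAGE, affected=AFFECTED_VERSIONS):
    """Walk `root` for lockfiles; return {lockfile_path: hits} for files with hits."""
    findings = {}
    for dirpath, dirnames, filenames in os.walk(root):
        # Lockfiles live at project roots; skip the (large) installed trees.
        dirnames[:] = [d for d in dirnames if d != "node_modules"]
        for name in filenames:
            if name in LOCKFILE_NAMES:
                full = Path(dirpath) / name
                hits = scan_lockfile(full.read_text(encoding="utf-8"), package, affected)
                if hits:
                    findings[str(full)] = hits
    return findings


# Constructed sample lockfiles (not real project data).
SAMPLE_LOCK_V3 = json.dumps({
    "name": "example-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app", "version": "1.0.0"},
        "node_modules/left-pad": {"version": "1.3.0"},
        "node_modules/@bitwarden/cli": {"version": "0.0.0-AFFECTED-PLACEHOLDER"},
    },
})
SAMPLE_LOCK_V1 = json.dumps({
    "name": "example-tool", "lockfileVersion": 1,
    "dependencies": {
        "some-wrapper": {
            "version": "1.0.0",
            "dependencies": {"@bitwarden/cli": {"version": "0.0.0-AFFECTED-PLACEHOLDER"}},
        },
    },
})

if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for lockfile, hits in scan_tree(root).items():
        for path, version in hits:
            print(f"{lockfile}: {path} is {version} (AFFECTED)")
```

Run it against a checkout root or a CI runner's workspace directory. A hit in a lockfile only proves the version was resolved at install time, so treat it as the trigger for the credential rotation in step 1 rather than as the full picture; global installs (npm install -g) and npx caches do not appear in project lockfiles and need to be checked separately.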

Broader Lessons from This Incident

This attack is part of a continuing campaign targeting developer tooling and CI/CD pipelines — including Checkmarx KICS, Trivy, LiteLLM, and now Bitwarden.

Key Takeaways

  • Treat CI/CD workflows as production code. Review GitHub Actions YAML files with the same rigor as application code — especially secret usage, third-party actions, and publish logic.
  • Pin versions aggressively. Avoid floating references such as the latest tag for any critical CLI or tool. Use exact versions in lockfiles and pipelines.
  • Implement minimum release age policies. Delay new package versions (7+ days) in your environments. Short-window attacks like this are highly effective against teams that auto-update immediately.
  • Strengthen publish pipelines: use OIDC where possible with strict repository rules; enable branch protection and manual approvals for publish workflows; consider reproducible builds and artifact signing.
  • Password manager CLIs are prime targets. Tools like Bitwarden CLI run with high privileges in automation and developer environments — treat them as high-risk dependencies.
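Added example for the minimum release age takeaway (not code from Bitwarden, npm or this post's author): given the metadata document the npm registry serves for a package (its "time" map of version to publish timestamp, plus "dist-tags"), it picks the newest non-prerelease version that is older than the policy threshold and quarantines anything newer, pointing at the fallback. The package metadata is constructed for a fictional package, and MIN_AGE_DAYS = 7 follows the post's "7+ days" guidance.

```python
"""Minimum release age policy check against npm registry metadata.

Added example for this post (not Bitwarden's, npm's or any proxy's code).
The document shape ("time" map of version -> publish timestamp, "dist-tags")
is what the npm registry returns for GET /<package>; the metadata below is
constructed for a fictional package.
"""
from datetime import datetime, timedelta, timezone

MIN_AGE_DAYS = 7  # the post's "7+ days" guidance


def parse_time(stamp):
    """Parse an npm registry timestamp such as '2026-04-22T21:57:00.000Z'."""
    return datetime.fromisoformat(stamp.replace("Z", "+00:00"))


def semver_key(version):
    """Sort key for plain X.Y.Z versions (prereleases are filtered out earlier)."""
    return tuple(int(part) for part in version.split("."))


def release_ages(meta, now):
    """Return {version: age} for every published, non-prerelease version."""
    ages = {}
    for version, stamp in meta.get("time", {}).items():
        if version in ("created", "modified") or "-" in version or "+" in version:
            continue
        ages[version] = now - parse_time(stamp)
    return ages


def newest_allowed(meta, now, min_age_days=MIN_AGE_DAYS):
    """Highest version at least `min_age_days` old, or None if nothing qualifies."""
    min_age = timedelta(days=min_age_days)
    old_enough = [v for v, age in release_ages(meta, now).items() if age >= min_age]
    return max(old_enough, key=semver_key) if old_enough else None


def decide(meta, requested, now, min_age_days=MIN_AGE_DAYS):
    """Policy verdict for installing `requested`: allow it, or quarantine it and
    name the newest version that already satisfies the policy."""
    ages = release_ages(meta, now)
    if requested not in ages:
        return {"version": requested, "allowed": False, "reason": "unknown or prerelease version"}
    age = ages[requested]
    hours = round(age.total_seconds() / 3600, 1)
    if age >= timedelta(days=min_age_days):
        return {"version": requested, "allowed": True, "age_hours": hours}
    return {
        "version": requested,
        "allowed": False,
        "reason": f"published {hours} h ago; policy requires {min_age_days} days",
        "fallback": newest_allowed(meta, now, min_age_days),
    }


# Constructed registry metadata for a fictional package. The newest version is
# timestamped about an hour before NOW, mirroring a release pushed minutes
# before an auto-updating pipeline would pick it up.
SAMPLE_META = {
    "name": "example-cli",
    "dist-tags": {"latest": "2.5.0"},
    "time": {
        "created": "2025-01-01T00:00:00.000Z",
        "modified": "2026-04-22T21:57:00.000Z",
        "2.3.0": "2026-03-01T12:00:00.000Z",
        "2.4.0": "2026-04-10T12:00:00.000Z",
        "2.5.0-beta.1": "2026-04-20T09:00:00.000Z",
        "2.5.0": "2026-04-22T21:57:00.000Z",
    },
}
NOW = datetime(2026, 4, 22, 23, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    print(decide(SAMPLE_META, SAMPLE_META["dist-tags"]["latest"], NOW))
    print(decide(SAMPLE_META, "2.4.0", NOW))
```

The same decision can be wired into an internal registry proxy or a pre-install hook: resolve "latest" through newest_allowed() instead of trusting the dist-tag, and fail the build when decide() returns allowed False. A 93-minute exposure window never clears a 7-day threshold, which is the whole point of the policy.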

Practical Defenses You Can Implement Today

  • Use an internal npm proxy with quarantine rules for new upstream versions.
  • Pin GitHub Actions to commit SHAs (not floating tags).
  • Configure dependency bots (Renovate, etc.) with release age delays.
  • Regularly audit publishing workflows across your repositories.
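Added example for the workflow audit and SHA-pinning points above (not Bitwarden's workflow and not a GitHub or npm tool): a stdlib-only Python scan that reads a workflow file line by line and flags actions not pinned to a 40-hex commit SHA, a missing permissions block, a pull_request_target trigger, and publishing with a long-lived NPM_TOKEN secret. It runs over two constructed workflows: a weak one and a hardened one that assumes the package is set up for npm trusted publishing via OIDC (id-token: write plus npm publish --provenance). The commit SHA in the hardened sample is a placeholder, not a real commit of any action.

```python
"""Static audit of a GitHub Actions publish workflow for the weaknesses the post calls out.

Added example for this post, not Bitwarden's workflow or any GitHub tooling.
Line-oriented scan (no YAML library needed) that flags:
  * `uses:` references not pinned to a 40-hex commit SHA,
  * no `permissions:` block (GITHUB_TOKEN then inherits repository defaults),
  * a `pull_request_target` trigger, which runs with repository secrets,
  * publishing with a long-lived NPM_TOKEN secret instead of OIDC.
The two workflows at the bottom are constructed samples; the SHA in the
hardened one is a PLACEHOLDER, not a real commit.
"""
import re

USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
TOKEN_RE = re.compile(r"secrets\.NPM_TOKEN|NODE_AUTH_TOKEN")


def audit_workflow(text):
    """Return a list of finding strings; an empty list means nothing was flagged."""
    findings = []
    has_permissions = False
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if stripped.startswith("#"):
            continue
        if re.match(r"^\s*permissions:", line):
            has_permissions = True
        if "pull_request_target" in stripped:
            findings.append(f"line {lineno}: pull_request_target trigger runs with secrets; prefer pull_request")
        if TOKEN_RE.search(stripped):
            findings.append(f"line {lineno}: long-lived npm token used; prefer OIDC (id-token: write) with trusted publishing")
        m = USES_RE.match(line)
        if m:
            ref = m.group(1)
            if ref.startswith("./") or ref.startswith("docker://"):
                continue  # local and container actions are not tag-pinned the same way
            _, _, rev = ref.rpartition("@")  # no "@" at all also ends up flagged
            if not SHA_RE.match(rev):
                findings.append(f"line {lineno}: {ref} is not pinned to a commit SHA")
    if not has_permissions:
        findings.append("no permissions: block; GITHUB_TOKEN inherits repository defaults")
    return findings


# Constructed sample: floating tags, default token permissions, long-lived secret.
WEAK_WORKFLOW = """\
name: publish
on:
  push:
    tags: ['v*']
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@main
        with:
          node-version: 20
      - run: npm ci && npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
"""

# Constructed sample: SHA-pinned actions, least-privilege token, OIDC publish
# behind a protected environment. The SHA is a PLACEHOLDER.
HARDENED_WORKFLOW = """\
name: publish
on:
  release:
    types: [published]
permissions:
  contents: read
  id-token: write
jobs:
  publish:
    runs-on: ubuntu-latest
    environment: npm-publish   # protected environment with required reviewers
    steps:
      # PLACEHOLDER SHA: pin to the real commit of the action version you reviewed
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # v4
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567 # v4
        with:
          node-version: 20
          registry-url: https://registry.npmjs.org
      - run: npm ci
      - run: npm publish --provenance --access public
"""

if __name__ == "__main__":
    for label, wf in (("weak", WEAK_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(f"{label}: {audit_workflow(wf) or ['no findings']}")
```

Point audit_workflow() at every file under .github/workflows across your repositories and fail review when it returns anything for a workflow that publishes. A SHA pin only helps if someone reviewed the commit it points at, so keep the version comment beside it and let a dependency bot with a release age delay move the pin.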

Further Reading

  • Bitwarden Statement on the Checkmarx Supply Chain Incident
  • Checkmarx Security Update — April 22, 2026
  • TeamPCP Hits Checkmarx: Inside the cx-dev-assist and KICS Supply Chain Compromise

About the Author

Yash Kumar
Lead - Research & Innovation

Yash Kumar is a Lead in Research & Innovation, focused on exploring emerging technologies and turning ideas into practical solutions. He works on driving experimentation, strategic insights, and new initiatives that help organizations stay ahead of industry trends.
