Darnley's Cyber Café
Darnley's Cyber Café is your go-to cybersecurity and IT security podcast, available everywhere you listen. Each episode, we brew up fresh conversations on cybersecurity, IT security, business, technology, and the geopolitical forces shaping our digital world: from data breaches and ransomware to privacy, surveillance, and emerging threats.
Whether you're commuting, at your desk, or just unwinding after a long day, there's always a seat at the café. Pull up a chair, pour your java — not script — and join the conversation that keeps the digitally aware one step ahead. Follow and subscribe wherever you get your podcasts, and never miss an episode. The café is always open and knowledge is your power.
Bitwarden CLI Hacked? The Supply Chain Attack That Targeted 250K Developers
On April 22, 2026, the Bitwarden CLI, used in CI/CD pipelines at tens of thousands of organizations, was weaponized for exactly 93 minutes.
In this episode, Darnley walks through the anatomy of the supply chain attack that compromised Bitwarden CLI version 2026.4.0: how the threat group exploited a compromised Checkmarx GitHub Action to inject credential-stealing malware into Bitwarden's npm publishing pipeline, what the worm actually stole, how it self-propagated by republishing victims' own npm packages, and why the statement that "no vault data was compromised" misses the point...
Packed with practical technical guidance on pipeline hardening, package pinning, least privilege, and the one npm setting that could have blocked this attack entirely, this episode is essential listening for developers, IT security teams, and anyone responsible for a software supply chain.
Subscribe now to Darnley's Cyber Café and stay informed on the latest developments in the ever-evolving digital landscape.