#BitWardEn

Bitwarden appears to be undergoing a quiet shift in leadership and messaging. Its longtime CEO and CFO have stepped down, while the company has removed "Always free" from a prominent password-manager page and replaced "Inclusion" and "Transparency" in its…

From Dev.to - security: I Replaced My €4.99/Month Password Manager with a Self-Hosted One for €10/Year — Here's Exactly How

The @bitwarden/cli compromise and ua-parser-js are both supply chain attacks — but structurally different threats that require different defenses.

A review of my experience with _Bitwarden_ after several years of self-hosting it, and why I decided to move away from the password manager.

From Dev Community: Benchmark: 1Password 8 vs. Bitwarden 2026 for Credential Autofill Speed

From Dev.to - cybersecurity: Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

From How-To Geek: I ditched Bitwarden's subscription for this free self-hosted alternative

On April 23, 2026, @bitwarden/cli was compromised as part of the ongoing Checkmarx supply chain...

From Dev.to - security: Supply Chain Attack Hits Bitwarden CLI via npm: What Every Developer Must Know Right Now

Longtime Slashdot reader Himmy32 writes: Socket Security published an article on the compromise of the Bitwarden CLI client, which was pushed from Bitwarden's client repository.…

The author of the BlueHammer exploit, which was released earlier this month and addressed in the last Patch Tuesday, continues to be annoyed with the responses from the Microsoft security research …

Bitwarden CLI 2026.4.0 was compromised in the Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.