Bitwarden CLI 2026.4.0 version released malicious packages through npm

The Bitwarden security team stated that the Bitwarden CLI 2026.4.0 version was released through npm on April 23 (UTC+8) from 5:57 am to 7:30 am due to the Checkmark supply chain attack. Only users who installed through npm during this time period were affected. Officially confirmed that Vault data has not been leaked and the production system has not been compromised. It is recommended that affected users uninstall version 2026.4.0, clean up npm cache, rotate API tokens and SSH keys, check for abnormal activity on GitHub and CI, and upgrade to version 2026.4.1.