socket.dev
news
socket.dev
IrregularChat: Purple Team
4w ago
Socket’s threat research team uncovered a new PyPI wave tied to the broader Mini Shai-Hulud, Miasma, and Hades supply chain campaign. The latest wave adds 23 newly identified package-version artifacts
Bitwarden CLI was compromised in a supply chain attack tied to the ongoing Checkmarx campaign, according to JFrog and Socket. The affected release was **@bitwarden/cli@2026.4.0**, which contained mali