← Back to context Comment by sigmonsays 1 day ago If I run the compromised CLI, do they get all my passwords? 11 comments sigmonsays Reply bhouston 1 day ago Exactly, that could widen the blast radius of this particular compromise significantly. NeckBeardPrince 1 day ago Read the article valicord 1 day ago Where does it answer this question in the article? rtaylorgarlock 1 day ago kinda crazy to see this comment required in this particular context, yet here we are hgoel 1 day ago It's an understandable question, the article reads like an AI generated mess. ErneX 1 day ago The article explains what is extracted. jeroenhd 1 day ago The article waffles on forever and gives some generic advice.Meanwhile, Bitwarden themselves state that end users were almost never affected: https://community.bitwarden.com/t/bitwarden-statement-on-che...You had to install the CLI through NPM at a very short time frame for it to be affected. If you did get infected, you have to assume all secrets on your computer were accessed and that any executable file you had write access to may be backdoored. valicord 1 day ago No it doesn't? ErneX 1 day ago Yes it does, under technical analysis. I don’t want to paste it here when it’s laid out in the article… 1 reply → kbolino 1 day ago No, at least according to Bitwarden themselves: https://community.bitwarden.com/t/bitwarden-statement-on-che...
bhouston 1 day ago Exactly, that could widen the blast radius of this particular compromise significantly.
NeckBeardPrince 1 day ago Read the article valicord 1 day ago Where does it answer this question in the article? rtaylorgarlock 1 day ago kinda crazy to see this comment required in this particular context, yet here we are hgoel 1 day ago It's an understandable question, the article reads like an AI generated mess.
rtaylorgarlock 1 day ago kinda crazy to see this comment required in this particular context, yet here we are hgoel 1 day ago It's an understandable question, the article reads like an AI generated mess.
ErneX 1 day ago The article explains what is extracted. jeroenhd 1 day ago The article waffles on forever and gives some generic advice.Meanwhile, Bitwarden themselves state that end users were almost never affected: https://community.bitwarden.com/t/bitwarden-statement-on-che...You had to install the CLI through NPM at a very short time frame for it to be affected. If you did get infected, you have to assume all secrets on your computer were accessed and that any executable file you had write access to may be backdoored. valicord 1 day ago No it doesn't? ErneX 1 day ago Yes it does, under technical analysis. I don’t want to paste it here when it’s laid out in the article… 1 reply →
jeroenhd 1 day ago The article waffles on forever and gives some generic advice.Meanwhile, Bitwarden themselves state that end users were almost never affected: https://community.bitwarden.com/t/bitwarden-statement-on-che...You had to install the CLI through NPM at a very short time frame for it to be affected. If you did get infected, you have to assume all secrets on your computer were accessed and that any executable file you had write access to may be backdoored.
valicord 1 day ago No it doesn't? ErneX 1 day ago Yes it does, under technical analysis. I don’t want to paste it here when it’s laid out in the article… 1 reply →
ErneX 1 day ago Yes it does, under technical analysis. I don’t want to paste it here when it’s laid out in the article… 1 reply →
kbolino 1 day ago No, at least according to Bitwarden themselves: https://community.bitwarden.com/t/bitwarden-statement-on-che...
Exactly, that could widen the blast radius of this particular compromise significantly.
Read the article
Where does it answer this question in the article?
kinda crazy to see this comment required in this particular context, yet here we are
It's an understandable question, the article reads like an AI generated mess.
The article explains what is extracted.
The article waffles on forever and gives some generic advice.
Meanwhile, Bitwarden themselves state that end users were almost never affected: https://community.bitwarden.com/t/bitwarden-statement-on-che...
You had to install the CLI through NPM at a very short time frame for it to be affected. If you did get infected, you have to assume all secrets on your computer were accessed and that any executable file you had write access to may be backdoored.
No it doesn't?
Yes it does, under technical analysis. I don’t want to paste it here when it’s laid out in the article…
1 reply →
No, at least according to Bitwarden themselves: https://community.bitwarden.com/t/bitwarden-statement-on-che...