Our great sponsors
-
bitwarden
Discontinued Bitwarden client applications (web, browser extension, desktop, and cli) [Moved to: https://github.com/bitwarden/clients]
-
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
Which means if one of these dependencies is hacked it will impact a huge number of apps, websites and users, making them prime targets.\ Plus, you should refer to that file instead: https://github.com/bitwarden/browser/blob/master/package-lock.json. Because the thing about supply chain attack is that it can happen at any point of the chain, so if malicious code ends up in one of the dependencies of the dependencies of the [...] of your dependencies, you are still affected.
Though the only risk, AFAIK, is if some JS forges the links to https://vault.bitwarden.com so you end up on a phishing website. Or if some JS renders a fake web vault login page on https://bitwarden.com.\ Visit https://vault.bitwarden.com directly when you need to use the web vault and you should be good.
Related posts
- Bitwarden Safari Extension Gone???
- Any plans to update Bitwarden Safari icon back to the original Big Sur BW icon?
- One potential 'vulnerability' you might miss if you are Windows user
- Browser extensions can now auto-prompt for biometrics, saving you a click! Just uncheck this box.
- PIN, biometric unlocking and vault encryption key