Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
New York Post

US tourists in Hong Kong must reveal their device passwords — or be arrested

US citizens traveling to Hong Kong are being warned that refusal to hand over passwords or access to their personal devices is now a criminal offense. The US Consulate General in Hong Kong and Macao ...
CNET

I Get My Password Manager for Free. Here’s How You Can Get One That's Cheap or Free

Marshall Gunnell is a Tokyo-based tech journalist and editor with over a decade of experience covering IT, cybersecurity and data storage. Alongside CNET, his work has appeared in ZDNET, Business ...
MLive

Hash Bash gets University of Michigan approval with major changes reshaping its 55th year

ANN ARBOR, MI - After uncertainty about its future, Hash Bash will officially return to the University of Michigan campus this spring for the 55th time. The event organizers received a permit from the ...
PC World

Do NOT use AI-generated passwords, security experts warn

Security experts warn against using AI-generated passwords after finding predictable patterns in outputs from ChatGPT, Gemini, and Claude that make them vulnerable to attacks. PCWorld reports that AI ...
PC Magazine

This Week in Cybersecurity: 40 PS5s Stolen, 149 Million Passwords Leaked, and $68M Worth of 'Oops, We Were Listening'

From smooth-talking hackers and millions of stolen passwords to Google’s very expensive “sorry for secretly listening” settlement, security had another extremely normal week. I've been writing and ...
Forbes

Gmail Passwords Confirmed Within 183 Million Account Infostealer Leak

I reported on a data leak earlier this year that included a whopping 184,162,718 passwords and logins affecting the likes of Apple, Facebook and Instagram users. That data leak was disclosed on May 22 ...
Lifehacker

Check This Database to See If Your Email Credentials Have Been Leaked

Jake Peterson is Lifehacker’s Tech Editor, and has been covering tech news and how-tos for nearly a decade. His team covers all things technology, including AI, smartphones, computers, game consoles, ...
Forbes

Microsoft Warns Most Users Must Delete Their Passwords

Forbes contributors publish independent expert analyses and insights. Zak Doffman writes about cybersecurity, surveillance and privacy. Microsoft wants you to add a passkey to your accounts. But it’s ...
Kim Komando

Saving passwords in your browser? Stop that.

“Hi, Kim, I save all my passwords in my browser. So why do I need a password manager? Thanks for your newsletter. I can tell it’s a lot of work. The quality every single day is incredible.” — Robby in ...
GitHub

salted-password-hashing

Add a description, image, and links to the salted-password-hashing topic page so that developers can more easily learn about it.