Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
Omaha.com

Former Omaha LGBTQ+ activist pleads guilty in New York to stealing $99K in nonprofit funds

A former Omaha nonprofit leader pleaded guilty to allegations that she siphoned $99,000 from a New York nonprofit she briefly led. The funds were meant to pay bail for indigent people but were instead ...
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
Buffalo News

Ex-treasurer admits stealing nearly $27,000 from Canal Fest

The former treasurer of Canal Fest of the Tonawandas has admitted to stealing nearly $27,000 from the nonprofit organization, according to the Niagara County District Attorney's Office.