The Bitwarden security team identified and contained a malicious package that was briefly distributed through the npm delivery path for @bitwarden/
[email protected] between 5:57 PM and 7:30 PM (ET) on April 22, 2026, in connection with a broader Checkmarx supply chain incident. The investigation found no evidence that end user vault data was accessed or at risk, or that production data or production systems were compromised. Once the issue was detected, compromised access was revoked, the malicious ...
I will almost always choose .NET as my development platform when greenfielding a project for exactly this reason. It’s an incredibly robust standard library that virtually guarantees I won’t need to pull in a litany of additional utility libraries, and I can also expect that what libraries I do choose to bring in are highly unlikely to drag along a ridiculous parade of dependencies.
Do you feel its still worth learning now?