{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Wordfence Security News","title":"Breeze Cache Mass Exploitation in 24 Hours | Bitwarden CLI Supply Chain Attack | ADT Confirmed in ShinyHunters Breach | Pack2TheRoot 12-Year-Old PackageKit Privilege Escalation (CVE-2026-41651) | Wordfence Security News | Week of April 27, 2026","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/84b1ca75\"></iframe>","width":"100%","height":180,"duration":624,"description":"This week in Wordfence Security News (Week of Apr 27, 2026):\n- A critical unauthenticated arbitrary file upload vulnerability in BreezeCache, a caching plugin with over 400,000 active installations, went from disclosure to mass exploitation in under 24 hours with over 22,000 exploit attempts blocked across nearly 5,000 sites\n- Attackers published a malicious version of the Bitwarden CLI package on NPM that harvested credentials from six different sources including SSH keys, cloud secret stores, and AI assistant configs during a 93-minute window before removal\n- The Bitwarden supply chain attack connects to a broader campaign targeting Checkmarx, with Team PCP claiming responsibility and links to the Shai-Hulud self-propagating NPM worm from 2025\n- Home security giant ADT confirmed a data breach after ShinyHunters listed the company on its leak site, with Have I Been Pwned tracking 5.5 million unique email addresses tied to the breach\n- ShinyHunters used a voice phishing attack to compromise an ADT employee's Okta SSO account and pivot to Salesforce, highlighting why phishing-resistant MFA like FIDO2 or WebAuthn is critical over SMS or TOTP\n- A 12-year-old privilege escalation vulnerability dubbed Pack2TheRoot in PackageKit lets any local unprivileged user install arbitrary packages as root, affecting Ubuntu, Debian, Fedora, and Rocky Linux since 2014\n\nTimestamps:\n0:00 Introduction\n0:34 BreezeCache Critical File Upload Vulnerability and Mass Exploitation\n3:50 Bitwarden CLI Supply Chain Attack via NPM\n6:25 ADT Data Breach by ShinyHunters\n7:49 Why Phishing-Resistant MFA Matters\n8:54 PackageKit Privilege Escalation Vulnerability\n\nStory Links:\nBreeze Cache — Active Exploitation (CVE-2026-3844): https://www.wordfence.com/threat-intel/vulnerabilities/id/e342b1c0-6e7f-4e2c-8a52-018df12c12a0\nBitwarden CLI Compromised in Checkmarx Supply Chain Attack: https://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html\nSharePoint Patching Laggards — CVE-2026-32201:...","thumbnail_url":"https://img.transistorcdn.com/tNZ1BCLBa7hdisGHRggcQKe1fS0BRjNwLU5euMPMXfE/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8yNjZm/M2NiNzczNWQ4MDdh/OTYyMTg5MDQ5ODk3/ODI5ZC5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}