A coordinated supply chain attack compromised official distribution channels for Checkmarx KICS and the Bitwarden CLI, pushing malicious updates designed to harvest developer credentials, cloud keys, and AI assistant configurations. The payloads exfiltrated data to a shared C2 domain and exhibited advanced techniques, including weaponizing stolen GitHub tokens to inject malicious workflows and using victim repositories as dead drops.