Cline CLI Compromised: Hijacked npm Package Silently Installed OpenClaw on Developer Machines

awesomeagents.ai

Cline CLI Compromised: Hijacked npm Package Silently Installed OpenClaw on Developer Machines

awesomeagents.ai

digicatM to

blueteamsecEnglish · 4 days ago

A compromised npm publishing token allowed an attacker to push a malicious version of the Cline CLI that silently installed OpenClaw via a postinstall script. The incident was caught and fixed within hours.

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

32 users / day
149 users / week
378 users / month
970 users / 6 months
228 local subscribers
642 subscribers
2.5K Posts
205 Comments
Modlog

mods:
digicat