A malicious npm package disguised as a legitimate AI tool to install the virally popular OpenClaw, but designed to steal system passwords and crypto wallets, has been identified by cybersecurity ...

A series of malicious packages hidden within the Node Package Manager (npm), the largest software registry for JavaScript, has been uncovered. According to a new advisory published by FortiGuard on ...

Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access.

GhostClaw poses as an OpenClaw installer package, stealing system credentials and sensitive data before deploying a persistent RAT.

Node.js developers, run NPM install at your own risk -- a self-replicating worm can easily spread through the ecosystem Never assume a file downloaded from the Internet is safe. That warning also ...

According to researchers Andrey Polkovnychenko and Shachar Menashe, the repositories were first detected on March 21 and steadily grew from roughly 50 malicious npm packages to over 200 in a matter of ...

After last week a popular JavaScript library started showing full-blown ads in the npm command-line interface, npm, Inc., the company that runs the npm tool and website, has taken a stance and plans ...