A GitHub Issue Title Compromised 4k Developer Machines
On February 17, 2026, a malicious version of the Cline package was published to npm, which included a code change in the package.json file that executed a post-install command to install OpenClaw, an AI agent with full system access. This led to approximately 4,000 developer machines being compromised as users installed or updated the Cline package without consent.
grith.ai
6 min
3/5/2026
A GitHub Issue Title Compromised 4k Developer Machines
On February 17, 2026, a malicious version of the Cline package was published to npm, which included a code change in the package.json file that executed a post-install command to install OpenClaw, an AI agent with full system access. This led to approximately 4,000 developer machines being compromised as users installed or updated the Cline package without consent.
grith.ai
6 min
3/5/2026
A GitHub Issue Title Compromised 4k Developer Machines
On February 17, 2026, a malicious version of the Cline package was published to npm, which included a code change in the package.json file that executed a post-install command to install OpenClaw, an AI agent with full system access. This led to approximately 4,000 developer machines being compromised as users installed or updated the Cline package without consent.
grith.ai
6 min
3/5/2026
No more articles to load