CRITICAL npm Malware
Malicious code in cline (npm)
MAL-2026-1380 · GHSA-9ppg-jx86-fqw7
Published · Modified
Description
__
Source: amazon-inspector (38d7531f4d4af07fee607e1d2985d0ea5b41dbf28cca5bc16c8457934e372f86)
The package cline was found to contain malicious code.
Source: google-open-source-security (ba9952611b2aa348b1b5cc0349d7b905e32d34effa53081994388c37d0d3462a)
An unauthorized party used a compromised npm publish token to publish v2.3.0
of the Cline CLI on the NPM. The compromise added a postinstall script that
globally installed openclaw.
References
Ready to move
Start Securing
Free, no credit card | First findings in minutes