Signal
Supply Chain Attack Secretly Installs OpenClaw for Cline Users
Evidence first: scan the strongest sources, then decide whether to go deeper.
Published 2026-02-19 16:58 UTCUpdated 2026-02-19 22:33 UTC
rss
dark_reading
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
No card needed for the free brief.
Evidence trail (top sources)
top sources (2 domains)domains are deduped. counts indicate coverage, not truth.2 top sources shown
limited source diversity in top sources
Overview
The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.
Score total
0.99
Momentum 24h
2
Posts
2
Origins
2
Source types
1
Duplicate ratio
0%
All evidence
All evidence
Supply Chain Attack Secretly Installs OpenClaw for Cline Users
Dark Reading · darkreading.com · 2026-02-19 22:33 UTC
Massive OpenClaw supply chain attack floods OpenClaw with malicious skills
SC Media · scworld.com · 2026-02-19 16:58 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -
Showing 2 / 0
Top publishers (this list)
- Dark Reading (1)
- SC Media (1)
Top origin domains (this list)
- darkreading.com (1)
- scworld.com (1)