Supply Chain Attack Secretly Installs OpenClaw for Cline Users
Summary
Version 2.3.0 of the Cline npm package was compromised in a supply chain attack so that it installed the OpenClaw backdoor. The compromised package was downloaded over 4,000 times before it was removed from the npm registry.
IFF Assessment
FOE
A supply chain attack distributing malware is detrimental to defenders.
Defender Context
Supply chain attacks targeting open-source package managers like npm are an increasing threat. Defenders should implement strong dependency management practices, including regularly auditing dependencies for suspicious activity and using software composition analysis tools. Developers should verify package integrity and provenance before incorporating a package into their projects.
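One concrete form of the dependency audit described above, written as an added example that is not part of the original report: it scans an npm package-lock.json for the compromised version named here, for entries with no integrity hash, and for tarballs resolved from somewhere other than the public registry. It assumes the npm package name is "cline" (the report only says "the Cline npm package"); version 2.3.0 comes from the report.

```python
"""Scan an npm package-lock.json (lockfileVersion 2/3) for a compromised
package version, missing integrity hashes and unexpected download sources.
Added example, not part of the original report. Assumes the npm package name
is "cline"; version 2.3.0 is the version named in the report."""
import json
from typing import Dict, List, Set

# Constructed blocklist: package name (assumption) -> compromised versions
BLOCKLIST: Dict[str, Set[str]] = {"cline": {"2.3.0"}}
EXPECTED_REGISTRY = "https://registry.npmjs.org/"


def audit_lockfile(lock: dict) -> List[str]:
    """Return one finding string per problem found in the lockfile."""
    findings = []
    for path, meta in lock.get("packages", {}).items():
        if not path:  # "" is the root project entry, not a dependency
            continue
        # Name is everything after the last "node_modules/" segment, which
        # also covers nested installs and scoped (@org/pkg) packages.
        name = path.rsplit("node_modules/", 1)[-1]
        version = meta.get("version", "")
        if version in BLOCKLIST.get(name, set()):
            findings.append(f"BLOCKED {path} {name}@{version}")
        if "integrity" not in meta:
            findings.append(f"NO-INTEGRITY {path} {name}@{version}")
        resolved = meta.get("resolved", "")
        if resolved and not resolved.startswith(EXPECTED_REGISTRY):
            findings.append(f"UNEXPECTED-SOURCE {path} {resolved}")
    return findings


def audit_lockfile_path(filename: str) -> List[str]:
    """Load a lockfile from disk and audit it."""
    with open(filename, encoding="utf-8") as fh:
        return audit_lockfile(json.load(fh))


# Constructed sample lockfile so the script runs stand-alone
SAMPLE_LOCK = {"lockfileVersion": 3, "packages": {
    "": {"name": "demo-project", "version": "1.0.0"},
    "node_modules/cline": {"version": "2.3.0", "integrity": "sha512-PLACEHOLDER",
        "resolved": "https://registry.npmjs.org/cline/-/cline-2.3.0.tgz"},
    "node_modules/left-pad": {"version": "1.3.0",
        "resolved": "https://example.invalid/left-pad-1.3.0.tgz"},
}}

if __name__ == "__main__":
    for finding in audit_lockfile(SAMPLE_LOCK):
        print(finding)
```

Run it against a real project with `audit_lockfile_path("package-lock.json")`; a BLOCKED finding means the lockfile pins the compromised release and the dependency tree should be treated as untrusted until it is rebuilt from a clean version.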