{ads}

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Written By Monday, 9 March 2026 Add Comment



March 10, 2026 at 12:01AM

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The package, named "@openclaw-ai/openclawai," was uploaded to the registry by a user named "openclaw-ai" on March 3, 2026. It has been downloaded 178 times to date. The library is still available for

from The Hacker News https://ift.tt/MUxLD3K

0 Response to "Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads