Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Source: The Hacker News
Published: Mon, 09 Mar 2026 18:31:00 GMT

News Summary

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The package, named "@openclaw-ai/openclawai," was uploaded to the registry by a user named "openclaw-ai" on March 3, 2026. It has been downloaded 178 times to date. The library is still available for

Source

Original report: https://thehackernews.com/2026/03/malicious-npm-package-posing-as.html

This entry mirrors the source feed summary for quick reading.