Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts.
The package, named „@openclaw-ai/openclawai,“ was uploaded to the registry by a user named „openclaw-ai“ on March 3, 2026. It has been downloaded 178 times to date. The library is still available for
https://thehackernews.com/2026/03/malicious-npm-package-posing-as.html