Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

openclawai

Malicious npm package posing as OpenClaw installer deploys RAT, steals credentials

Cybercrime, News, Research, Vulnerabilities

March 10, 2026

A JFrog technical analysis reported a malicious npm package posing as an OpenClaw installer. Uploaded March 3, 2026, the package installs a RAT and steals credentials, browser data, wallets and other sensitive macOS data.

About
Editorial Policy
Privacy
Contact