A malicious npm package impersonating an installer for the Openclaw artificial intelligence (AI) agent framework is spreading credential-stealing malware designed to quietly take control of developer machines. Security Researchers Expose Malicious Openclaw npm Package Security researchers say the package is part of a supply-chain attack aimed at developers working with Openclaw and similar AI-agent tooling. […]
