Sam Stepanyan  🐘
#NPM: A malicious npm package '@openclaw-ai/openclawai' is spreading a full RAT #malware disguised as an #OpenClaw installer. It steals browser data, macOS Keychain entries, crypto wallets, MacOS and cloud credentials:
#SoftwareSupplyChainSecurity
👇
https://thehackernews.com/2026/03/malicious-npm-package-posing-as.html
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

The Hacker News
Mar 9 at 6:41pmWeb