Cline CLI Installs OpenClaw Through Compromised Token

On February 17, 2026, Cline maintainers disclosed that a compromised npm publish token was used to publish cline@2.3.0, adding a postinstall script that silently installed OpenClaw on developer machines. Approximately 4,000 downloads occurred during an eight-hour window; maintainers released v2.4.0, deprecated 2.3.0, revoked the token and enabled OIDC. Researchers link the breach to a prompt-injection and cache-poisoning chain called Clinejection.
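The following is an added example, not code from the Cline project or the cited reports. It compares two versions of a package manifest and flags install-time lifecycle hooks that appear only in the newer one, which is the pattern the summary above describes. The package names, manifests and heuristic patterns are constructed assumptions.

```javascript
// Lifecycle hooks that npm runs automatically during `npm install`.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// Heuristics (assumed, not exhaustive) for hooks that pull in more software.
const INSTALLER_PATTERNS = [
  { name: "package-manager install", re: /\b(npm|pnpm|yarn|bun)\s+(i|install|add)\b/ },
  { name: "global install flag", re: /\s(-g|--global)\b/ },
  { name: "remote fetch piped to shell", re: /\b(curl|wget)\b[^|]*\|\s*(sh|bash)\b/ },
  { name: "npx/dlx execution", re: /\b(npx|pnpm\s+dlx|yarn\s+dlx)\b/ },
];

// Return one finding per install-time hook declared in a parsed package.json.
function auditManifest(manifest) {
  const scripts = manifest.scripts || {};
  const findings = [];
  for (const hook of INSTALL_HOOKS) {
    const cmd = scripts[hook];
    if (typeof cmd !== "string") continue;
    const reasons = INSTALLER_PATTERNS.filter((p) => p.re.test(cmd)).map((p) => p.name);
    findings.push({
      package: `${manifest.name}@${manifest.version}`,
      hook,
      cmd,
      // Any install hook deserves review; one that installs software is high.
      severity: reasons.length > 0 ? "high" : "review",
      reasons,
    });
  }
  return findings;
}

// Report hooks present in `next` that were absent (or different) in `prev`.
function newInstallHooks(prev, next) {
  const before = new Set(auditManifest(prev).map((f) => `${f.hook}:${f.cmd}`));
  return auditManifest(next).filter((f) => !before.has(`${f.hook}:${f.cmd}`));
}

// Constructed sample manifests (placeholder names, not the real packages).
const PREV = { name: "example-cli", version: "1.0.0", scripts: { build: "tsc" } };
const NEXT = {
  name: "example-cli",
  version: "1.0.1",
  scripts: { build: "tsc", postinstall: "npm install -g example-agent@latest" },
};

console.log(JSON.stringify(newInstallHooks(PREV, NEXT), null, 2));
```

Running a check like this in CI against each dependency update, together with `npm install --ignore-scripts` where hooks are not needed, surfaces a release that starts executing code at install time.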
Scoring Rationale
High immediacy and credible sources drive the score; it is limited by low observed malicious behavior and a contained download window.
Sources
- Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems (thehackernews.com)
- AI coding assistant Cline compromised, installs OpenClaw (theregister.com)



