Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts.
The package, named "@openclaw-ai/openclawai," was uploaded to the registry by a user named "openclaw-ai" on March 3, 2026. It has been downloaded 178 times to date. The library is still available for
