GLOBAL SITUATIONMONITORING

482 published briefsUTCWed, Apr 1 00:12:11

Intelligence Tag

OpenClaw

source

2 intelligence briefs← Intelligence Hub

Malicious npm package posing as OpenClaw installer deploys RAT, steals macOS credentials

Researchers say a malicious npm package named @openclaw-ai/openclawai masqueraded as an OpenClaw installer, deployed a remote access trojan, and stole sensitive data from macOS systems after being uploaded by a user named openclaw-ai on March 3, 2026.

Peter Chofield

Mar 16, 2026

1–2 minutes
ClawJacked: New OpenClaw Flaw Lets Malicious Websites Hijack Local AI Agents

A new “ClawJacked” flaw in OpenClaw lets malicious websites silently hijack local AI agents via WebSockets. Here is how it works and how to defend.

Reza Rafati

Mar 2, 2026

4–6 minutes