Cline Supply Chain Attack: Cline 2.3.0 Silently Installs OpenClaw (stepsecurity.io) 12 points by varunsharma07 4mo ago ↗ HN
[–] varunsharma07 4mo ago ↗ cline@2.3.0 was published with a malicious post-install script that silently installs OpenClaw on any machine running npm install.
1 comment
[ 149 ms ] story [ 837 ms ] thread