Cline CLI compromised token mitigation
Advisory/Mitigation
Summary
Cline maintainers released version 2.4.0 to contain the unauthorized npm publication of cline@2.3.0, which had been pushed with a compromised publish token. They also deprecated 2.3.0 and revoked the token to reduce the risk of further misuse. Affected users were told to update and to verify that OpenClaw had not been installed unexpectedly.
Related Happenings
OpenClaw/OpenShell managed sandbox backend Claw Chain (multiple vulnerabilities)
Vulnerability
First: 15.05.2026 16:35
Last: 15.05.2026 16:35
Sources 1
About this happening:
Researchers disclosed **four OpenClaw flaws** in the **OpenShell managed sandbox backend** that can be chained for **data theft**, **privilege escalation**, and **persistence**. T...
OpenClaw 2026.4.22 security patch release for Claw Chain flaws
Security Patch Release
First: 15.05.2026 16:35
Last: 15.05.2026 16:35
Sources 1
About this happening:
OpenClaw released **version 2026.4.22** to fix **four CVE-backed vulnerabilities** in **OpenShell's managed sandbox backend** that could be chained for **data theft**, **privilege...
OpenAI rotates macOS code-signing certificates after supply-chain exposure
Security Tool/Service
First: 13.04.2026 20:39
Last: 13.04.2026 20:39
Sources 1
About this happening:
**OpenAI** is **rotating and revoking macOS code-signing certificates**, forcing users of **ChatGPT Desktop**, **Codex**, **Codex CLI**, and **Atlas** to update so trust in signed...
Open VSX pre-publish scanning fail-open now patched security flaw
Vulnerability
First: 27.03.2026 15:57
Last: 27.03.2026 15:57
Sources 1
About this happening:
A **now-patched fail-open bug** in **Open VSX's pre-publish scanning pipeline** could let **malicious VS Code extensions** bypass vetting and go live in the registry, weakening a...
Cline hit by cyberattack
Incident
First: 20.02.2026 00:33
Last: 20.02.2026 00:33
Sources 1
How related:
On February 17, 2026, at 3:26 AM PT, an unauthorized party used a compromised npm publish token to publish an update to Cline CLI on the npm registry: cline@2.3.0,
About this happening:
A **Cline CLI** **supply-chain incident** on **February 17, 2026** used a **compromised npm publish token** to publish **cline@2.3.0** with a **postinstall** step that silently in...
Timeline
20.02.2026 16:20 · 2 articles
Cline CLI compromised token mitigation
Initial Disclosure
After the npm compromise, maintainers responded by shipping **2.4.0**, deprecating **2.3.0**, and revoking the **compromised publish token**. That response was aimed at limiting further exposure from the unauthorized package release and guiding affected users to clean up their environments.
- Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems — thehackernews.com — 20.02.2026 16:20