Cline hit by cyberattack
Incident
Summary
A Cline CLI supply-chain incident on February 17, 2026 used a compromised npm publish token to publish cline@2.3.0 with a postinstall step that silently installed OpenClaw on developer machines. The poisoned package was live for about eight hours and was downloaded roughly 4,000 times; the VS Code extension and JetBrains plugin were not affected. Cline responded by releasing 2.4.0, deprecating 2.3.0, revoking the token, and moving npm publishing to OIDC-based trusted publishing via GitHub Actions, so that releases no longer depend on a long-lived token that can be stolen.
Related Happenings
Cline Kanban server WebSocket origin/authentication security flaw
Vulnerability
First: 07.05.2026 17:30
Last: 07.05.2026 17:30
Sources 1
About this happening:
**Cline Kanban server** has a **critical WebSocket origin/authentication flaw** that can let a webpage a developer visits **exfiltrate workspace data**, **inject terminal commands...
GitHub git push RCE (CVE-2026-3854)
Vulnerability
First: 29.04.2026 15:41
Last: 29.04.2026 15:41
Sources 1
About this happening:
GitHub patched **CVE-2026-3854**, a critical **remote code execution** flaw affecting **GitHub.com** and **GitHub Enterprise Server** that could expose **millions of private repos...
Open VSX pre-publish scanning fail-open now patched security flaw
Vulnerability
First: 27.03.2026 15:57
Last: 27.03.2026 15:57
Sources 1
About this happening:
A **now-patched fail-open bug** in **Open VSX's pre-publish scanning pipeline** could let **malicious VS Code extensions** bypass vetting and go live in the registry, weakening a...
Npm package ecosystem CanisterWorm exploitation wave
Exploitation Wave
First: 23.03.2026 10:31
Last: 23.03.2026 10:31
Sources 1
About this happening:
Attackers expanded the **Trivy** compromise into a **self-propagating CanisterWorm** wave that hit **dozens of npm packages**, creating broad downstream supply-chain risk. The abu...
Cline AI coding assistant hit by network compromise
Incident
First: 09.03.2026 01:35
Last: 09.03.2026 01:35
Sources 1
About this happening:
The **Cline** coding assistant suffered a **supply-chain compromise** that installed a rogue **OpenClaw** instance on **thousands of systems**, creating unauthorized **full system...
Timeline
20.02.2026 00:33 · 3 articles
Cline 2.3.0 npm package silently installs OpenClaw
Initial Disclosure: Users who downloaded Cline version 2.3.0 received a poisoned npm package whose post-install hook silently installed OpenClaw on their systems; the package was live for roughly eight hours and was downloaded about 4,000 times before it was deprecated. Cline revoked the compromised token, deprecated the tainted package, and released version 2.4.0, published through GitHub Actions with OIDC provenance.
Sources:
- Supply Chain Attack Secretly Installs OpenClaw for Cline Users — www.darkreading.com — 20.02.2026 00:33
- Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems — thehackernews.com — 20.02.2026 16:20