clawsmith.com/signal/axios-npm-supply-chain-openclaw-targeted-sapphire-sleet
Tags: Issue, Underserved, Security, Live

North Korean State Actor Targets OpenClaw Ecosystem via Axios npm Supply Chain Attack — 600K Installs in 3 Hours

On March 31, 2026, UNC1069 (Sapphire Sleet) compromised an Axios maintainer's npm account and published backdoored versions carrying a hidden RAT. Two OpenClaw-specific packages bundled the poisoned dependency, deliberately targeting the OpenClaw developer ecosystem.

Product Idea from this Signal

A CLI tool that scans a running OpenClaw instance for active CVEs, malicious skills, and supply chain tampering before they get exploited

807

OpenClaw has accumulated 433+ CVEs in five months, including critical auth bypasses (CVSS 9.8), sandbox escapes, and nation-state supply chain attacks targeting the npm ecosystem. Most operators have no idea which CVEs affect their specific version, whether their installed skills contain backdoors, or whether their dependency tree has been tampered with. This tool runs a comprehensive security audit against a live OpenClaw instance and outputs an actionable remediation plan.

Tags: CLI, Open-source, Security, Devtool, Audit
Competition: Competitive

Score Breakdown

HN: 142
GitHub: 130

Gap Assessment

Underserved: existing solutions leave gaps

Socket.dev and Snyk provide general dependency-threat detection, but no OpenClaw-specific supply chain monitoring exists.

Frequently Asked Questions