clawsmith.com/signal/shadanai-openclaw-npm-supply-chain-attack-axios
⚠ Issue | Unknown | Supply Chain | Live
Axios npm supply chain attack: compromised maintainer ships RAT via @shadanai/openclaw packages
An attacker compromised the axios npm maintainer account and injected a cross-platform RAT via plain-crypto-js. The @shadanai/openclaw packages vendored the malicious payload. 100M weekly downloads are in the blast radius. Affected axios versions: 1.14.1 and 0.30.4.
Product Idea from this Signal
A CLI security scanner that intercepts and blocks malicious ClawHub skills before they compromise your OpenClaw instance
Score Breakdown
HN: 3,173
Social Proof (9 sources): HN 2,741, HN 432, RD 0, RD 0, RD 0, RD 0, RD 0, RD 0, RD 0
Cline Supply Chain Attack: Cline 2.3.0 Silently Installs OpenClaw (1934 points), 3/31/2026
Post Mortem: axios NPM supply chain compromise, 4/3/2026
Axios npm compromised - Socket.dev, 3/30/2026
Advisory: Axios compromise - CSA Singapore, 3/31/2026
Axios supply chain attack - Malwarebytes, 3/31/2026
Axios supply chain IOCs - Semgrep, 3/31/2026
Axios npm compromised - Snyk, 3/31/2026
Axios Supply Chain Attack - THN, 3/31/2026
Axios compromised to deploy malware - Sophos, 3/31/2026
Virality Score: 3,173 across 9 platforms
Details
Signal: issue
Ecosystem: Supply Chain
Sources: 9
Platforms: 9
Updated: 11d ago
Trend: → stable