Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
Summary
Cline CLI version 2.3.0 was compromised in a supply chain attack (an attack that tampers with software before it reaches its users). An unauthorized party used a stolen npm publish token to publish a build of the package carrying a postinstall script, which npm executes automatically on every installing machine; the script installed OpenClaw, an AI agent tool, on developer systems. The compromised release accounted for about 4,000 downloads over an eight-hour window on February 17, 2026. The impact was assessed as low because OpenClaw itself is not malicious, but the same mechanism would have run any other command with the installing user's privileges, so a single long-lived publish token was all it took to execute code on every affected machine.
Solution / Mitigation
Cline maintainers released version 2.4.0 to fix the issue. Version 2.3.0 has been deprecated on npm, the compromised token has been revoked, and the publishing pipeline was moved to OpenID Connect (OIDC) trusted publishing from GitHub Actions, which replaces long-lived publish tokens with short-lived credentials bound to a specific workflow. Users are advised to update to the latest version, confirm that no copy of 2.3.0 remains in their dependency trees, check their systems for OpenClaw installations they did not request, and remove it if not needed.
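The two checks a practitioner wants after reading the above are (1) whether a package they are about to install carries install-time lifecycle scripts at all, and (2) whether the deprecated release or an unexpected OpenClaw package is present anywhere in an installed dependency tree. The following script is an added example written for this page, not code from the Cline project or from the original article. It assumes the npm package names `cline` and `openclaw` (an assumption), reads a `package.json` manifest as obtained with `npm pack <pkg>@<version>`, and reads the JSON emitted by `npm ls --all --json`; the sample manifest and tree embedded in it are constructed for illustration and are not the actual compromised files.

```python
"""Audit an npm manifest for install-time scripts and scan an `npm ls` tree
for a deprecated release or an unexpected package (added example)."""
import json

# npm runs these script hooks on the consuming machine during `npm install`
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def install_scripts(package_json_text):
    """Return {hook: command} for every lifecycle script npm would execute at install time."""
    manifest = json.loads(package_json_text)
    scripts = manifest.get("scripts") or {}
    return {hook: scripts[hook] for hook in LIFECYCLE_HOOKS if hook in scripts}


def walk_dependencies(tree, path=()):
    """Yield (path, name, version) for every node in `npm ls --all --json` output,
    descending into nested dependency maps."""
    for name, node in (tree.get("dependencies") or {}).items():
        here = path + (name,)
        yield here, name, node.get("version")
        yield from walk_dependencies(node, here)


def flag_dependency_tree(npm_ls_json_text, deprecated, unexpected):
    """Return findings for pinned deprecated versions and unexpected packages.

    deprecated: {package_name: set_of_versions}; unexpected: set of package names.
    """
    tree = json.loads(npm_ls_json_text)
    findings = []
    for path, name, version in walk_dependencies(tree):
        where = " > ".join(path)
        if version in deprecated.get(name, set()):
            findings.append(f"deprecated {name}@{version} at {where}")
        if name in unexpected:
            findings.append(f"unexpected {name}@{version} at {where}")
    return findings


# Constructed sample manifest (hypothetical; NOT the real compromised package.json).
# A postinstall entry means arbitrary code runs on install, which is what to inspect.
SAMPLE_MANIFEST = json.dumps({
    "name": "example-cli",
    "version": "2.3.0",
    "scripts": {
        "build": "tsc -p .",
        "postinstall": "node scripts/setup.js",
    },
})

# Constructed sample shaped like `npm ls --all --json` (package names are assumptions).
SAMPLE_TREE = json.dumps({
    "name": "workstation-globals",
    "dependencies": {
        "cline": {"version": "2.3.0"},
        "openclaw": {"version": "0.1.0"},
        "typescript": {"version": "5.4.0"},
        "some-tool": {
            "version": "1.0.0",
            "dependencies": {"openclaw": {"version": "0.1.0"}},
        },
    },
})

if __name__ == "__main__":
    print("install-time scripts:", install_scripts(SAMPLE_MANIFEST))
    for finding in flag_dependency_tree(
        SAMPLE_TREE, deprecated={"cline": {"2.3.0"}}, unexpected={"openclaw"}
    ):
        print(finding)
```

To feed it real data, run `npm pack cline@2.3.0` and pass the `package.json` from the extracted tarball to `install_scripts`, and pipe `npm ls -g --all --json` (or the project-local equivalent) to `flag_dependency_tree`. Installing with `npm install --ignore-scripts`, or setting `ignore-scripts=true` in `.npmrc`, prevents lifecycle hooks like the one in this incident from running at all, at the cost of breaking packages that legitimately need them.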
Classification
Affected Vendors
Related Issues
Original source: https://thehackernews.com/2026/02/cline-cli-230-supply-chain-attack.html
First tracked: February 20, 2026 at 11:00 AM
Classified by LLM (prompt v3) · confidence: 92%