AI Coding Assistant Cline Compromised in npm Supply Chain Attack Deploying OpenClaw

Published 2026-02-20 · AI-Assisted Development · High

Summary

The Register reported on February 20, 2026, that an unknown attacker compromised the npm package for Cline CLI, a widely used open-source AI coding assistant, and published a malicious version (cline@2.3.0) that silently installed the OpenClaw AI agent platform on developers' machines. The attack exploited a compromised authentication token and affected developers who installed Cline during an approximately eight-hour window on February 17, 2026 (3:26 AM to 11:30 AM Pacific Time).

StepSecurity

Alignment: New signal not yet covered
Tags: cline, openclaw, supply-chain-attack, npm, AI-coding-assistant, prompt-injection, agentic-security, developer-tools, AI-assisted-development, security, AI-engineering-practices, open-source