Security News Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems TheHackerNews Daniel Bender 20 Feb 2026 Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.
