Security News Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials TheHackerNews Daniel Bender 09 Mar 2026 Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
