The Cline command-line interface (CLI), a widely-used artificial intelligence development tool, faced a serious security breach on February 17, 2026. Hackers managed to gain access to its npm token, leading to a compromised version being available for approximately eight hours. This incident underscores the increasing threat of supply chain attacks aimed at developer ecosystems.
Details of the Security Breach
At 3:26 AM PT, attackers used a stolen npm publish token to upload a malicious version of the Cline CLI, labeled [email protected], to the npm registry. This version targeted developers utilizing popular development environments like Visual Studio Code and JetBrains. The infiltration involved altering the package.json file to include a postinstall script that would execute npm install -g openclaw@latest during installation.
The rest of the package, including the main CLI executable (dist/cli.mjs), was unchanged from the authentic version, [email protected]. Despite the non-malicious nature of OpenCLAW, its unauthorized installation highlighted potential risks for more dangerous payloads in future attacks.
Response and Mitigation
The Cline development team quickly identified the compromised release, releasing a corrected version, [email protected], by 11:23 AM PT. Shortly thereafter, the compromised version 2.3.0 was deprecated, approximately eight hours after the unauthorized upload. The compromised token has been revoked, and Cline has transitioned its npm publishing to OIDC provenance using GitHub Actions to enhance security for future releases.
It is important to note that the Cline VS Code extension and JetBrains plugin were not affected by this security breach.
Recommendations for Developers
Developers who installed [email protected] during the affected period are advised to update to the latest version using cline update or npm install -g cline@latest, and verify the update with cline –version. In cases where OpenCLAW was unintentionally installed, it can be removed using npm uninstall -g openclaw.
Organizations relying on AI developer tools should conduct audits of their installed CLI tools and enforce strict token management practices across all package registries to prevent similar incidents.
For ongoing updates on cybersecurity, follow us on Google News, LinkedIn, and X. Contact us to share your stories.
