SlowMist: Be aware of the malicious versions 1.14.1 / 0.30.4 of axios and the risk of exposing npm global installation history for OpenClaw.

ME News message, March 31 (UTC+8). As of March 31, 2026, publicly available intelligence shows that axios@1.14.1 and axios@0.30.4 have both been confirmed as malicious versions. Both have been injected with an additional dependency, plain-crypto-js@4.2.1. This dependency can deliver cross-platform malicious payloads via the postinstall script. The impact of this incident on OpenClaw needs to be assessed by scenario: 1) Source build scenario: Not affected. The v2026.3.28 lock file actually pins axios@1.13.5 / 1.13.6 and does not hit the malicious versions. 2) npm install -g openclaw@2026.3.28 scenario: There is a historical exposure risk. The reason is that the dependency chain contains: openclaw -> @line/bot-sdk@10.6.0 -> optionalDependencies.axios@^1.7.4. During the time window when the malicious versions are still online, it may be resolved to axios@1.14.1. 3) Current reinstall result: npm has rolled back resolution to axios@1.14.0, but for environments that had installed during the attack window, it is still recommended to handle them as affected scenarios and check IoC. In addition, SlowMist advises that if the plain-crypto-js directory is found, even if its package.json has already been cleaned up, it should still be treated as a high-risk execution artifact. For hosts that executed npm install or npm install -g openclaw@2026.3.28 during the attack window, it is recommended to immediately rotate credentials and conduct host-side investigations. (Source: ODAILY)