SlowMist: Be aware of the malicious versions 1.14.1 / 0.30.4 of axios and the risk of exposing npm global installation history for OpenClaw.

ME News message, March 31 (UTC+8). As of March 31, 2026, public intelligence shows that axios@1.14.1 and axios@0.30.4 have both been confirmed as malicious versions. Both have been implanted with an additional dependency, plain-crypto-js@4.2.1, which can deliver cross-platform malicious payloads via a postinstall script. The impact of this incident on OpenClaw needs to be assessed by scenario: 1) Source build scenario: not affected. The v2026.3.28 lock file actually locks axios@1.13.5 / 1.13.6 and does not hit the malicious versions. 2) npm install -g openclaw@2026.3.28 scenario: there is a risk of historical exposure. The reason is that the dependency chain includes: openclaw -> @line/bot-sdk@10.6.0 -> optionalDependencies.axios@^1.7.4. During the time window when the malicious versions are still online, axios@1.14.1 may be resolved. 3) Current reinstallation results: npm has reverted resolution to axios@1.14.0, but for environments where the installation occurred within the attack window, it is still recommended to handle them as affected scenarios and to check IoCs. In addition, SlowMist advises that if the plain-crypto-js directory is found, even if its package.json has been cleaned, it should be treated as a high-risk execution trace. For hosts that executed npm install or npm install -g openclaw@2026.3.28 during the attack window, it is recommended to immediately rotate credentials and conduct host-side investigations. (Source: ODAILY)