@shadanai/openclaw
MAL-2026-4441
npmbackdoor5/19/2026
Description
Malicious code in @shadanai/openclaw (npm)
Indicators of Compromise
SHA256 Hashes (6)
853dde236d6f3177a73acfd47ea1f5a9898f721e174a96fbd304c4c437b51373
92aa5cee3e17fdf310ca064213d60fab3e055e33ed72f0bfee36b95cd96fe1d9
a2a11e64e4ef3cc4efab60c79888340d9ca4e787847dda0e3291d53d0bb26dc9
bf365c77e4edb2867492cce3d207b953d00508ebb286a2760710fde87aa21c25
c0e2f02ab1bb3d99de1787ed7d69f1df97bd3b2d7c18cc8ba4e5f8688f649ce9
d4b7dfcaeeb4c23cf7704bc2f26b049ad4266b2f51fea4876624d31e858dcc38
Details
Ecosystemnpm
Attack Typebackdoor
Published5/19/2026
Quick Actions