SlowMist: Be aware of the malicious versions 1.14.1 / 0.30.4 of axios and the risk of exposing npm global installation history for OpenClaw.

ME News message, March 31 (UTC+8). As of March 31, 2026, public intelligence indicates that axios@1.14.1 and axios@0.30.4 have been confirmed as malicious versions. Both have been implanted with an additional dependency, plain-crypto-js@4.2.1. This dependency can deliver a cross-platform malicious payload via a postinstall script. The impact of this incident on OpenClaw needs to be judged by scenario: 1) Source build scenario: not affected. The v2026.3.28 lockfile that is actually in use locks axios@1.13.5 / 1.13.6 and does not hit the malicious versions. 2) npm install -g openclaw@2026.3.28 scenario: there is a historical exposure risk. The reason is that the dependency chain contains: openclaw -> @line/bot-sdk@10.6.0 -> optionalDependencies.axios@^1.7.4. During the time window when the malicious versions were still online, it may be resolved to axios@1.14.1. 3) Current reinstall results: npm has rolled back resolution to axios@1.14.0, but for environments where installation occurred within the attack window, it is still recommended to treat it as an affected scenario and check for IoCs. In addition, SlowMist notes that if the plain-crypto-js directory is found, it should be treated as a high-risk execution trace even if its package.json has already been cleaned. For hosts that ran npm install or npm install -g openclaw@2026.3.28 within the attack window, it is recommended to immediately rotate credentials and conduct host-side investigations. (Source: ODAILY)