Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
I got tired of handing my PDFs to strangers, so I brought the tools home instead.
Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results