SlowMist: Be aware of the malicious versions 1.14.1 / 0.30.4 of axios and the risk of exposing npm global installation history for OpenClaw.

ME News update, March 31 (UTC+8). As of March 31, 2026, public intelligence shows that axios@1.14.1 and axios@0.30.4 have both been confirmed as malicious versions. Both have been injected with an additional dependency, plain-crypto-js@4.2.1, which can deliver cross-platform malicious payloads via a postinstall script. The impact of this incident on OpenClaw needs to be judged by scenario: 1) Source build scenario: not affected. The v2026.3.28 lock file actually locks axios@1.13.5 / 1.13.6, which does not match the malicious versions. 2) npm install -g openclaw@2026.3.28 scenario: there is a historical exposure risk. The reason is that the dependency chain includes: openclaw -> @line/bot-sdk@10.6.0 -> optionalDependencies.axios@^1.7.4. During the time window when the malicious versions are still online, it may resolve to axios@1.14.1. 3) Current reinstall result: npm has rolled back resolution to axios@1.14.0, but for environments where axios was installed during the attack window, it is still recommended to handle it as an affected scenario and check for IoCs. In addition, SlowMist warns that if you find a plain-crypto-js directory, even if its package.json has already been cleaned, it should still be treated as a high-risk execution trace. For hosts that executed npm install or npm install -g openclaw@2026.3.28 during the attack window, it is recommended to immediately rotate credentials and carry out host-side investigations. (Source: ODAILY)