Feb 212026 Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.
