A malicious npm package, @openclaw-ai/openclawai, that impersonates the legitimate OpenClaw CLI while quietly deploying a full-featured infostealer and RAT against developers’ machines. Internally branded “GhostLoader,” this threat combines polished social engineering, encrypted payload delivery, and long”‘term persistence to exfiltrate almost every valuable secret a developer holds from SSH keys and cloud credentials to AI agent […] The post GhostClaw Masquerades as OpenClaw in Bid to Plunder Developer Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/ghostclaw-masquerades-as-openclaw/
