SlowMist: Be aware of the malicious axios versions 1.14.1 / 0.30.4 and the historical exposure risk for OpenClaw npm global installations.


ME News reports that, as of March 31 (UTC+8), publicly available intelligence confirms that axios@1.14.1 and axios@0.30.4 have been identified as malicious versions. Both have been embedded with an additional dependency, plain-crypto-js@4.2.1, which can deliver cross-platform malicious payloads through a postinstall script. The impact of this incident on OpenClaw v2026.3.28 needs to be evaluated based on different scenarios:

  1. Source code build scenario: Not affected. The lock file for v2026.3.28 actually locks axios@1.13.5 / 1.13.6, which are not malicious versions.

  2. npm install -g openclaw@2026.3.28 scenario: Historical exposure risk. The dependency chain openclaw -> @line/bot-sdk@10.6.0 -> optionalDependencies.axios@^1.7.4 means that, while the malicious versions were still online, this range could resolve to axios@1.14.1.

  3. Current reinstallation results: npm now resolves to axios@1.14.0. However, environments installed during the attack window should still be treated as affected and investigated for Indicators of Compromise (IoCs).

Additionally, SlowMist warns that if a plain-crypto-js directory is found, even if its package.json has been cleaned, it should be regarded as a high-risk execution artifact. For hosts that executed npm install or npm install -g openclaw@2026.3.28 during the attack window, it is advised to immediately rotate credentials and conduct host-side investigations. (Source: ODAILY)
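One way to check a host for the two indicators the advisory names (a malicious axios version anywhere in the tree, or any plain-crypto-js directory), as an added example that is not SlowMist's or OpenClaw's code; it assumes a POSIX sh with find and sed and takes a node_modules path, e.g. `scan_npm_tree "$(npm root -g)"`:

```shell
#!/bin/sh
# Added triage helper (hypothetical, not from the advisory). Walks a
# node_modules tree and reports the indicators named above. Returns 0 when
# clean, 1 when at least one indicator is found, 2 on a bad path.
MALICIOUS_AXIOS="1.14.1 0.30.4"   # versions identified as malicious in the advisory

# Pull the "version" field out of a package.json without needing node or jq.
pkg_version() {
  sed -n 's/.*"version"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

scan_npm_tree() {
  root="$1"; hits=0
  [ -d "$root" ] || { echo "no such directory: $root" >&2; return 2; }
  old_ifs=$IFS; IFS='
'   # split find output on newlines only, so paths containing spaces survive

  # Indicator 1: every axios copy, nested ones included (e.g. under @line/bot-sdk).
  for d in $(find "$root" -type d -name axios); do
    [ -f "$d/package.json" ] || continue
    v=$(pkg_version "$d/package.json")
    case " $MALICIOUS_AXIOS " in
      *" $v "*) echo "MALICIOUS axios@$v at $d"; hits=$((hits + 1)) ;;
      *)        echo "ok        axios@$v at $d" ;;
    esac
  done

  # Indicator 2: plain-crypto-js present at all, whatever its package.json says.
  for d in $(find "$root" -type d -name plain-crypto-js); do
    echo "ARTIFACT  plain-crypto-js at $d (treat as an executed payload)"
    hits=$((hits + 1))
  done

  IFS=$old_ifs
  [ "$hits" -eq 0 ] && { echo "clean: no indicators under $root"; return 0; }
  return 1
}
```

A non-zero exit only means the package tree carries an indicator; the credential rotation and host-side investigation the advisory recommends still apply to any host that installed during the attack window, even if the tree has since been cleaned.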
