SlowMist: Beware of Malicious Versions of Axios 1.14.1 / 0.30.4 and Historical Exposure Risk from Global Installation of OpenClaw via npm
Odaily News: As of March 31, 2026, public intelligence indicates that axios@1.14.1 and axios@0.30.4 have been confirmed as malicious versions. Both had an additional dependency, plain-crypto-js@4.2.1, injected into them; its postinstall script can deliver a cross-platform malicious payload, so the payload runs at install time rather than when axios is first imported.
The impact of this incident on OpenClaw depends on how OpenClaw was installed:
1) Source Code Build Scenario: Not Affected
The lockfile for v2026.3.28 pins axios@1.13.5 / 1.13.6, which are not the malicious versions. This holds as long as the build honours the lockfile (for example `npm ci`, or `npm install` run with the lockfile present); a build that regenerates resolution without it would fall into the same situation as scenario 2.
2) `npm install -g openclaw@2026.3.28` Scenario: Historical Exposure Risk Exists
The dependency chain is openclaw -> @line/bot-sdk@10.6.0 -> optionalDependencies.axios@^1.7.4. A global install does not carry the project's lockfile, so the caret range ^1.7.4 resolves to the newest 1.x release on the registry at install time. During the window when the malicious version was still online, that was axios@1.14.1 (0.30.4 lies outside the range and is not reachable through this chain).
3) Current Reinstallation Result: npm has rolled back resolution to axios@1.14.0
However, environments installed during the attack window should still be treated as affected and investigated for IoCs (Indicators of Compromise): a reinstall today says nothing about what the postinstall script already did on that host.
Furthermore, SlowMist warns that if a plain-crypto-js directory is found under node_modules, it should be treated as a high-risk execution artifact even if its package.json has been cleaned, since the postinstall script has already run by the time the directory exists. For hosts that executed `npm install` or `npm install -g openclaw@2026.3.28` during the attack window, it is recommended to immediately rotate credentials and conduct host-side investigations.
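The three scenarios above and the artifact warning reduce to a small set of checks a responder can run on every host: walk each node_modules tree (the global one from `npm root -g` and any project directories), flag axios at 1.14.1 or 0.30.4, flag any plain-crypto-js directory regardless of whether its package.json survives, and read the lockfile to see which axios version a rebuild would pin. The script below is an added example, not SlowMist's or OpenClaw's code; the malicious version numbers and the artifact package name come from the advisory, and the node_modules trees produced by make_sample_tree() are constructed fixtures for demonstration, not real installs.

```python
"""Host-side triage for the axios@1.14.1 / 0.30.4 incident.

Added example (not SlowMist's or OpenClaw's code). Assumptions: the malicious
axios versions and the plain-crypto-js artifact name are taken from the advisory;
the trees built by make_sample_tree() are constructed fixtures, not real installs.
"""
import json
import os
import sys
import tempfile
from pathlib import Path

MALICIOUS_AXIOS = {"1.14.1", "0.30.4"}
ARTIFACT_PACKAGE = "plain-crypto-js"  # directory presence is an IoC even with a cleaned package.json


def read_manifest(pkg_dir: Path):
    """Return the parsed package.json, or None if it is missing or unparsable."""
    try:
        return json.loads((pkg_dir / "package.json").read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return None


def iter_package_dirs(root: Path):
    """Yield (package_name, dir) for every package in every node_modules tree under root."""
    for dirpath, dirnames, _ in os.walk(root):
        if Path(dirpath).name != "node_modules":
            continue
        for name in sorted(dirnames):
            if name.startswith("."):
                continue
            child = Path(dirpath) / name
            if name.startswith("@"):  # scoped packages live one level deeper
                for sub in sorted(child.iterdir()):
                    if sub.is_dir():
                        yield f"{name}/{sub.name}", sub
            else:
                yield name, child


def scan_tree(root) -> dict:
    """Flag malicious axios installs and plain-crypto-js artifacts under root."""
    report = {"malicious_axios": [], "artifacts": []}
    for name, pkg_dir in iter_package_dirs(Path(root)):
        manifest = read_manifest(pkg_dir) or {}
        if name == ARTIFACT_PACKAGE:
            # The directory itself is the indicator; record any lifecycle script still present.
            postinstall = manifest.get("scripts", {}).get("postinstall")
            report["artifacts"].append((str(pkg_dir), postinstall))
        elif name == "axios" and manifest.get("version") in MALICIOUS_AXIOS:
            report["malicious_axios"].append((str(pkg_dir), manifest["version"]))
    return report


def lockfile_axios_versions(lock_path) -> set:
    """Axios versions pinned by a package-lock.json (v1 'dependencies' or v2/v3 'packages')."""
    data = json.loads(Path(lock_path).read_text(encoding="utf-8"))
    versions = set()
    for key, entry in data.get("packages", {}).items():
        if key.rsplit("node_modules/", 1)[-1] == "axios" and "version" in entry:
            versions.add(entry["version"])

    def walk_v1(deps):
        for name, entry in deps.items():
            if name == "axios" and "version" in entry:
                versions.add(entry["version"])
            walk_v1(entry.get("dependencies", {}))

    walk_v1(data.get("dependencies", {}))
    return versions


def is_affected(root) -> bool:
    """True if the tree holds a malicious axios, an artifact directory, or a lockfile pinning a malicious axios."""
    report = scan_tree(root)
    if report["malicious_axios"] or report["artifacts"]:
        return True
    lock = Path(root) / "package-lock.json"
    return lock.exists() and bool(lockfile_axios_versions(lock) & MALICIOUS_AXIOS)


def make_sample_tree(compromised: bool) -> Path:
    """Build a constructed node_modules tree in a temp dir (demo fixture, not a real install)."""
    root = Path(tempfile.mkdtemp(prefix="axios-triage-"))
    axios_version = "1.14.1" if compromised else "1.13.6"
    for rel, manifest in {
        "node_modules/@line/bot-sdk": {"name": "@line/bot-sdk", "version": "10.6.0"},
        "node_modules/axios": {"name": "axios", "version": axios_version},
    }.items():
        (root / rel).mkdir(parents=True)
        (root / rel / "package.json").write_text(json.dumps(manifest))
    if compromised:
        # Cleaned artifact: the directory remains but its package.json is gone.
        (root / "node_modules" / ARTIFACT_PACKAGE).mkdir()
    (root / "package-lock.json").write_text(json.dumps(
        {"lockfileVersion": 3, "packages": {"node_modules/axios": {"version": axios_version}}}))
    return root


def main(paths):
    # For a global install pass the output of `npm root -g`; otherwise project directories.
    for p in paths:
        print(p, "AFFECTED" if is_affected(p) else "clean", scan_tree(p))


if __name__ == "__main__":
    main(sys.argv[1:] or [str(make_sample_tree(True)), str(make_sample_tree(False))])
```

Run it with `python3 triage.py "$(npm root -g)" /path/to/project` on each host that could have installed during the window. A "clean" result from the version check alone is not a clean bill of health: the decision rule in is_affected() deliberately treats the bare plain-crypto-js directory as positive, because by the time it exists the postinstall script has already executed, which is exactly the point of the artifact warning above.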
