The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
Techzine Europe

New npm browser npmx addresses shortcomings of npmjs

An initiative within the JavaScript community is attempting to offer an alternative to the way developers view npm packages via the web. The project is ...