A newly uncovered npm threat is a sharp reminder that not every package pretending to be a helpful developer tool is what it claims to be. Security researchers at JFrog say a malicious package named @openclaw-ai/openclawai was uploaded to npm on 3 March 2026, disguised as an OpenClaw installer for macOS developers. Instead of installing anything legitimate, the package reportedly deployed a multi-stage malware chain designed to steal sensitive data and establish long-term remote access on infected machines. JFrog calls the campaign GhostClaw.
