On Feb. 22, 2026, security firm Rescana reported that version 2.3.0 of the open‑source Cline CLI was compromised in a supply‑chain attack that installed the OpenClaw backdoor on developer machines and CI/CD systems.
What Happened
The malicious build replaced the legitimate Cline binary with a wrapper that silently fetched and executed OpenClaw’s payload during installation, leaving no obvious trace in npm logs.
Who’s Affected
- Developers who ran npm install cline-cli@2.3.0 on Windows, macOS, or Linux workstations.
- CI/CD pipelines that automatically pull the package from public registries, including GitHub Actions, GitLab CI, and Azure Pipelines.
How to Detect and Remediate
Check the SHA‑256 checksum of the installed binary against the official hash published on the Cline GitHub release page; scan your file system for the unexpected OpenClaw executable; revert to the last clean version (2.2.9) and rotate any credentials that may have been exposed.
Key Takeaways
- Cline CLI 2.3.0 was compromised and installed the OpenClaw backdoor.
- Affected platforms include Windows, macOS, Linux, and major CI/CD services.
- Verify package checksums and scan for rogue binaries to prevent similar attacks.
The Bottom Line
Supply‑chain hygiene is no longer optional—regular verification of package integrity and automated scanning for rogue binaries are essential safeguards for any modern development workflow.