OpenClaw version 3.28 may have introduced a malicious version of the axios library.
SlowMist Founder Warns of Compromised Axios in OpenClaw 3.28
SlowMist founder Yu Xian just issued a warning on X. Users running the latest OpenClaw version—3.28—may be pulling in a compromised version of axios. His advice? Check your systems immediately.
It's not just OpenClaw that's directly affected. Related Skills could also be indirectly poisoned because they depend on axios. Given how widely axios is used, a thorough sweep is necessary. That said, the poisoning was caught relatively early.
|
DISCLAIMER:
1. All content on this website (including but not limited to articles, data, charts, and analyses) is for general informational purposes only and does not constitute any form of investment advice, trading recommendation, or financial guidance. 2. Cryptocurrencies and digital assets are subject to extreme price volatility and high investment risk; you may lose part or all of your principal. Past performance does not predict future results. 3. The information on this website is based on sources we believe to be reliable, but we do not guarantee its accuracy, completeness, or timeliness. Any investment decisions made based on this website’s information are at your own risk. 4. We strongly recommend that you conduct your own thorough research and consult an independent, licensed financial advisor before making any investment decisions. |
Recommended reading
Latest News
