BlockBeats News, March 31st, SlowMist founder Cosmos released a security alert stating: We basically confirm that if a user’s OpenClaw is the latest version 3.28, it may introduce a malicious axios, please pay attention to investigation. In addition, related Skills may also rely on axios, leading to indirect poisoning. Since axios is widely used, a comprehensive investigation is possible if conditions permit.
Earlier today, according to 1M AI News monitoring, axios subjected to a supply chain attack: two new versions introduce malicious dependencies, it is recommended to immediately roll back.
