PANews reported on March 31 that Yu Xian, founder of SlowMist, posted on the X platform that users of the latest version 3.28 of OpenClaw may have been infected with a malicious version of axios, and advised them to check immediately. Furthermore, not only is OpenClaw directly infected, but related skills may also be indirectly infected because they depend on axios. Given how widely axios is used, a comprehensive investigation is necessary, even though this particular infection was discovered relatively quickly.
Earlier today, it was reported that version 1.14.1 of the npm core package axios was subjected to an active supply chain attack.
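One way to run the check described above, as an added example that is not from the report or from any of the projects it names: it walks an npm `package-lock.json` (lockfile version 2 or 3, which carry a `packages` map) and lists every installed copy of axios at the reported version 1.14.1, plus each package that resolves to such a copy. The sample lockfile, the package names `example-skill` and `other-lib`, and the `0.0.0-sample` version are constructed for illustration.

```javascript
// Version taken from the report above; everything else in this block is illustrative.
const FLAGGED = { name: "axios", version: "1.14.1" };

// Node-style resolution: nearest node_modules/<name>, walking up from the dependent's path.
function resolveFrom(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (base === "") return null;                    // reached the project root, not installed
    const cut = base.lastIndexOf("/node_modules/");
    base = cut === -1 ? "" : base.slice(0, cut);
  }
}

// Returns the flagged copies and the packages (direct or transitive) that load them.
function findFlagged(lock) {
  const packages = lock.packages || {};              // absent in lockfile v1
  const copies = Object.keys(packages).filter((p) =>
    p.endsWith("node_modules/" + FLAGGED.name) &&
    packages[p].version === FLAGGED.version);
  const dependents = [];
  for (const [path, meta] of Object.entries(packages)) {
    const declared = { ...meta.dependencies, ...meta.optionalDependencies,
                       ...(path === "" ? meta.devDependencies : {}) };
    if (!(FLAGGED.name in declared)) continue;
    const resolved = resolveFrom(packages, path, FLAGGED.name);
    if (resolved && copies.includes(resolved)) {
      dependents.push({ dependent: path || "(root project)",
                        range: declared[FLAGGED.name], resolved });
    }
  }
  return { copies, dependents };
}

// Constructed sample: a hoisted flagged copy reached only through a transitive dependency,
// and a nested copy at a different version that must not be reported.
const SAMPLE_LOCK = {
  name: "demo-app", lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { "example-skill": "^1", "other-lib": "^2" } },
    "node_modules/example-skill": { version: "1.0.0", dependencies: { axios: "^1" } },
    "node_modules/axios": { version: "1.14.1" },
    "node_modules/other-lib": { version: "2.0.0", dependencies: { axios: "^1" } },
    "node_modules/other-lib/node_modules/axios": { version: "0.0.0-sample" },
  },
};

console.log(JSON.stringify(findFlagged(SAMPLE_LOCK), null, 2));
```

To check a real project, pass the parsed contents of its `package-lock.json` to `findFlagged`. A hit shows that the flagged version was resolved into the dependency tree, which is the starting point for the investigation rather than its conclusion.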

