Slopsquatting: Your AI Coding Agent Is Now a Supply Chain Risk
On February 17, 2026, attackers compromised the Cline AI coding tool via a malicious npm package, silently installing OpenClaw on 4,000 developers' machines through a postinstall script. This "slopsqu…