Clinejection: How a GitHub Issue Compromised Cline's Entire NPM Supply Chain

Breach Catalog — Entry #001. Source: Simon Willison’s Blog via Adnan Khan. Incident date: March 2026.

A developer opened a GitHub issue against Cline — a popular AI coding assistant — and by the time it was over, an attacker had published to NPM a malicious version of the package, which has over a million weekly downloads. The root cause wasn’t a zero-day. It wasn’t a credential leak. It was an AI agent reading a GitHub issue title and doing exactly what it was told. ...

March 9, 2026 · 8 min · Austin