Lookalike npm Package Hides a Multi-Stage Windows RAT
✦ NabkaNews BriefAuto-summarized from multiple outlets · verify with the source
A malicious npm package has been discovered that hides a multi-stage windows remote access trojan (RAT). The package is reportedly disguised as a postcss tool, although some outlets are also discussing other types of cyber threats, including wordpress plugin backdoors and chrome extension keyloggers. It is unclear if these are all related incidents or separate attacks.
Full coverage
12345678