Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
✦ NabkaNews BriefAuto-summarized from multiple outlets · verify with the source
Malicious packages on npm are disguising themselves as tools related to PostCSS and possibly other css tools, in order to deliver a windows remote access trojan (RAT). The RAT is reported to have features such as encrypted communication and registry persistence. Details of the threat are being analyzed, with some reports indicating the malicious packages may mimic specific tools like Material Tailwind CSS.