SECURITYTHE HACKER NEWS
Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
Cybersecurity researchers have discovered malicious npm packages designed to deliver a Windows-based remote access trojan (RAT). The identified packages include aes-decode-runner-pro (145 downloads), postcss-minify-selector (256 downloads), and postcss-minify-selector-parser (615 downloads), all published in the past month by an npm user.
Mentioned
Related Signal
Adjacent reporting
- Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
- Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
- SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware
- Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
- Cache-poisoning caper turns TanStack npm packages toxic
- Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week