Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
VPN Central [Unofficial]
June 23, 2026
Security researchers have found three malicious npm packages that pretend to be PostCSS-related developer tools while delivering a Windows remote access trojan. The campaign was detailed by JFrog Security Research, which said the packages lead to the same multi-stage Windows malware chain. The RAT can steal Chrome credentials, collect host information, run shell commands, transfer […]
The post Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT appeared first on VPN Central.
Discussion in the ATmosphere