{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiagh3j26imkgh6rkptkz32vhjcjpj6swp5uaoykedz2ysiwryr5qa",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mozlz26smdz2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreibjbzor2uwmna3x44nfip5eveqdoylbq54fil6pjoxutqczzkwv7i"
    },
    "mimeType": "image/jpeg",
    "size": 324073
  },
  "path": "/malicious-npm-packages-pose-as-postcss-tools-to-deliver-windows-rat/",
  "publishedAt": "2026-06-23T14:23:56.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT",
    "VPN Central"
  ],
  "textContent": "Security researchers have found three malicious npm packages that pretend to be PostCSS-related developer tools while delivering a Windows remote access trojan. The campaign was detailed by JFrog Security Research, which said the packages lead to the same multi-stage Windows malware chain. The RAT can steal Chrome credentials, collect host information, run shell commands, transfer […]\n\nThe post Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT appeared first on VPN Central.",
  "title": "Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT"
}