Malicious npm Packages Deliver Windows RAT Disguised as PostCSS Tools
VPN Central [Unofficial]
June 23, 2026
Security researchers found a new npm malware campaign that targets Windows developers through packages disguised as PostCSS-related utilities. The main package, postcss-minify-selector-parser, posed as a plausible CSS selector parsing tool and depended on the real postcss-selector-parser package. According to JFrog Security Research, the package ultimately led to a multi-stage Windows remote access trojan capable of […]
The post Malicious npm Packages Deliver Windows RAT Disguised as PostCSS Tools appeared first on VPN Central.
Discussion in the ATmosphere