External Publication
Visit Post

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

The Hacker News | #1 Trusted Source for Cybersecurity News [Uno… June 23, 2026
Source
Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT). The list of identified packages, is below - aes-decode-runner-pro (145 downloads) postcss-minify-selector (256 downloads) postcss-minify-selector-parser (615 downloads) All the packages were published over the past month by an npm user named

Discussion in the ATmosphere

Loading comments...