{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreidbcdwaubpgtbfe4th6mhsfm5ea6x3stgow3hrpueyopdb6ihvixq",
"uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mox6q5f4gwj2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreibjbzor2uwmna3x44nfip5eveqdoylbq54fil6pjoxutqczzkwv7i"
},
"mimeType": "image/jpeg",
"size": 324073
},
"path": "/2026/06/malicious-npm-packages-pose-as-postcss.html",
"publishedAt": "2026-06-23T08:54:32.000Z",
"site": "https://thehackernews.com",
"textContent": "Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT).\n\nThe list of identified packages, is below -\n\n\n aes-decode-runner-pro (145 downloads)\n postcss-minify-selector (256 downloads)\n postcss-minify-selector-parser (615 downloads)\n\nAll the packages were published over the past month by an npm user named",
"title": "Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT"
}