Fake npm Packages Impersonate PostCSS Tool to Steal Chrome Passwords
Hackread - Latest Cybersecurity News, Press Releases & Technolo…
June 24, 2026
JFrog warns of malicious npm packages that mimic PostCSS tooling, drop a Windows RAT, and target Chrome-stored passwords through a staged infection setup route.
Discussion in the ATmosphere