{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreieahky5xlexj7xek3q5geij6hzu2zxrte3kbehgq5dsh62hcjanhq",
"uri": "at://did:plc:xb5etev7ncohgebas3kjeqek/app.bsky.feed.post/3mp3jrssh5i52"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreigkegi4po6iayumyr5oqt22smucac2vthjfqofx72vw3o2mjtumji"
},
"mimeType": "image/jpeg",
"size": 90360
},
"path": "/fake-npm-packages-postcss-tool-steal-chrome-password/",
"publishedAt": "2026-06-24T13:26:36.000Z",
"site": "https://hackread.com",
"tags": [
"Security",
"Malware",
"Chrome",
"Cyber Attack",
"Cybersecurity",
"JFrog",
"NPM",
"Password",
"PostCSS",
"RAT",
"Scam",
"security",
"Windows"
],
"textContent": "JFrog warns of malicious npm packages that mimic PostCSS tooling, drop a Windows RAT, and target Chrome-stored passwords through a staged infection setup route.",
"title": "Fake npm Packages Impersonate PostCSS Tool to Steal Chrome Passwords"
}