CyberSecurity News
Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
AI summary
Cybersecurity researchers have found malicious npm packages that deliver a Windows-based remote access trojan. These packages disguise themselves as PostCSS tools and were published by a single npm user over the past month. The identified packages include aes-decode-runner-pro, postcss-minify-selector, and postcss-minify-selector-parser, which have accumulated a total of over 1000 downloads. The packages were downloaded 145, 256, and 615 times respectively. They were designed to install a remote access trojan on Windows systems. The packages were published under the guise of legitimate PostCSS tools.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.