Security News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

TheHackerNews

Daniel Bender

23 Jun 2026

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.