Threat actors are increasingly targeting the developer ecosystem by exploiting trust in widely used tools. Recently, researchers uncovered a sophisticated campaign using malicious npm packages to deploy a multi-stage Windows Remote Access Trojan (RAT). The attackers relied on a clever typosquatting tactic, naming their primary payload postcss-minify-selector-parser. This name closely mimics the legitimate postcss-selector-parser, a […]
The post Malicious npm Packages Use PowerShell and VBS Chain to Drop Windows RAT appeared first on Cyber Security News.