Cybersecurity researchers have discovered a set of malicious
npm packages that are designed to deliver a Windows-based remote
access trojan (RAT). The list of identified packages, is below -
aes-decode-runner-pro (145 downloads) postcss-minify-selector (256
downloads) postcss-minify-selector-parser (615 downloads) All the
packages were published over the past month by an npm user
named
Read more https://thehackernews.com/2026/06/malicious-npm-packages-pose-as-postcss.html
