Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT).

The list of identified packages, is below –

aes-decode-runner-pro (145 downloads)
postcss-minify-selector (256 downloads)
postcss-minify-selector-parser (615 downloads)

All the packages were published over the past month by an npm user named