Malicious NPM Package Caught Mimicking Material Tailwind CSS Package

By Ravie Lakshmanan — September 22^nd 2022 at 15:01

A malicious NPM package has been found masquerading as the legitimate software library for Material Tailwind, once again indicating attempts on the part of threat actors to distribute malicious code in open source software repositories. Material Tailwind is a CSS-based framework advertised by its maintainers as an "easy to use components library for Tailwind CSS and Material Design." "The

FreshRSS

Malicious NPM Package Caught Mimicking Material Tailwind CSS Package