Web: https://thehackernews.com/2022/09/malicious-npm-package-caught-mimicking.html

Sept. 22, 2022, 3:01 p.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

A malicious NPM package has been found masquerading as the legitimate software library for Material Tailwind, once again indicating attempts on the part of threat actors to distribute malicious code in open source software repositories.
Material Tailwind is a CSS-based framework advertised by its maintainers as an "easy to use components library for Tailwind CSS and Material Design."
"The

caught css malicious malicious npm npm npm package package

Field Security Specialist (GitHub Advanced Security Pre-Sales Engineer)

@ GitHub | Remote - US East

Cyber Threat Intelligence (CTI) Analyst

@ XOR Security | Alexandria, VA

Senior Manual QA (Cyber Protect)

@ Acronis | Budapest, Hungary

Security Operations Engineer

@ Cloudflare, Inc. | Lisbon, Portugal

Senior Security Consultant

@ Charterhouse | Peterborough, England, United Kingdom

Enterprise Sales Executive (Missouri)

@ Datadog | Missouri, USA, Remote

iCAM - Cyber/Network Security Background**

@ SonicWall | Bengaluru, Karnataka, India

Territory Account Manager - Cyber Security Background*

@ SonicWall | Melbourne, Victoria, Australia

Cybersecurity and Supply Chain Risk Manager

@ Avint | Washington, District of Columbia, United States - Remote

Implementation Consultant

@ Snyk | Australia, Japan, or Singapore

Information Systems Security Engineer (ISSE)

@ Novetta | Columbia, Maryland

Vulnerability Management Engineer (Splunk)

@ Aperia | Dallas, Texas, United States - Remote