npm security

September 23, 2022

Threat analysis: Malicious npm package mimics Material Tailwind CSS tool

ReversingLabs has discovered a malicious npm package disguised as the software tool Material Tailwind. Here's an in-depth look at our discovery — and threat analysis. (Updated with MachO executable information.)

SUBSCRIBE

Sign up now to receive notifications for the ReversingLabs Blog

Request a DEMO

Request a live demo today for a walkthrough of how ReversingLabs detects and analyzes more hidden threats, built to evade security controls—and how we do it faster than anyone else.

REQUEST A DEMO