Branded as a components library for two popular open source resources, Material Tailwind instead loads a Windows .exe that can run PowerShell scripts.
This article has been indexed from Dark Reading
Read the original article:
Malicious npm Package Poses as Tailwind Tool