Threat Advisory

Malicious npm package disguised as the software tool Material Tailwind

September 23, 2022 | By Accorian

Attempts by threat actors to distribute malicious code in open-source software repositories have once again been seen in the discovery of a malicious NPM package that poses as the legitimate software library for Material Tailwind. While pretending to be a useful development tool, the malicious Material Tailwind npm package features an automated post-install script. The purpose of this script is to download a password-protected ZIP archive containing a Windows executable for PowerShell script execution. These scripts can result in command-and-control, communication, process manipulation, and establishing persistence through a scheduled task. According to the White House, ensuring software integrity is key to protecting Federal systems from threats and vulnerabilities and reducing the overall risk from cyberattacks.

Accorian can help identify this vulnerability in your environment. 

Source: Malicious npm package disguised as the Material Tailwind

Threat Advisory Team 


Recent Post

    Ready to Start?

      Ready to Start?

      Download Case study

      Download SOC2 Guide

      Human Resources Director

      Posted On: 09 May, 2022

      Drop your CVs to

        Interested Position
        First Name
        Last Name
        Total Experience
        Mobile Number
        Upload Resume