Malicious npm Package Poses as Tailwind Tool

A malicious package in the npm open source code repository is hitching a social engineering ride on the “Tailwind” legitimate software library tool, which millions of application developers use around the globe.

Read full article on Dark Reading: Cloud