A malicious NPM package has been found masquerading as the legitimate software library for Material Tailwind, once again indicating attempts on the part of threat actors to distribute malicious code in open source software repositories.
Material Tailwind is a CSS-based framework advertised by its maintainers as an “easy to use components library for Tailwind CSS and Material Design.”
“The