Malware in npm package tailwindcss-merge
malicious-version-published · active
The npm package tailwindcss-merge has been identified as malware. Any system with this package installed should be considered fully compromised; secrets and keys must be rotated immediately from a different machine.
Affected packages
- npmtailwindcss-merge