Protect YourselfPublic
Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install
The Hacker News·July 11, 2026·1 min read
The jscrambler npm package was compromised, and simply installing its 8.14.0 release runs an infostealer on your machine. Published on July 11, 2026, the malicious version carries a preinstall hook that drops and executes a native binary, one build each for Windows, macOS, and Linux. Socket flagged the release six minutes after it was published. If you or one of your
Read full article on The Hacker News →Share this article
Follow broker incidents, regulatory actions & market intelligence
Stay ahead with CLEAREX.MARKET
View all intelligence →