Skip to content
The Nexus
DossierENTITY

jscrambler

Coverage of jscrambler in the Nexus archive.

Earliest in view: Jul 11 · 17:59 UTCMost recent: Jul 11 · 17:59 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 11 · 17:59 UTCTHE HACKER NEWS
    Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

    The jscrambler 8.14.0 npm package included a malicious preinstall hook that deploys a Rust-based infostealer for Windows, macOS, and Linux during installation. The compromised version was published on July 11, 2026, and automatically executes the malware without requiring additional commands or imports. Security firm Socket detected and flagged the release six minutes after publication.

jscrambler · Dossier · The Nexus