{"id":14244,"date":"2026-07-12T07:03:54","date_gmt":"2026-07-12T07:03:54","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/07\/12\/compromised-jscrambler-8140-npm-release-html\/"},"modified":"2026-07-12T07:03:54","modified_gmt":"2026-07-12T07:03:54","slug":"compromised-jscrambler-8140-npm-release-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/07\/12\/compromised-jscrambler-8140-npm-release-html\/","title":{"rendered":"Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install"},"content":{"rendered":"<p>    Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>The jscrambler npm package was compromised, and simply installing its\u00a08.14.0\u00a0release runs an infostealer on your machine. Published on July 11, 2026, the malicious version carries a\u00a0preinstall\u00a0hook that drops and executes a native binary, one build each for Windows, macOS, and Linux.<\/p>\n<p>Socket flagged the release\u00a0six minutes after it was published. If you or one of your<\/p><\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><\/p>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/thehackernews.com\/2026\/07\/compromised-jscrambler-8140-npm-release.html\">Go to TheHackersNews<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install The jscrambler npm package was compromised, and simply installing its\u00a08.14.0\u00a0release runs an infostealer on your machine. Published on July 11, 2026, the malicious version carries a\u00a0preinstall\u00a0hook that drops and executes a native binary, one build each for Windows, macOS, and Linux. Socket flagged the release\u00a0six [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[76],"class_list":["post-14244","post","type-post","status-publish","format-standard","hentry","category-thehackersnews","tag-thehackersnews"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14244"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=14244"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14244\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=14244"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=14244"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=14244"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}