Version 8.14.0 of the jscrambler npm package shipped with a malicious preinstall hook that silently drops and runs a native infostealer during installation, one build each for Windows, macOS, and Linux.
Published on July 11, 2026, it needs no import and no CLI call. Installing 8.14.0 is enough to run it.
Socket flagged the release six minutes after it was published. If you or one of your build systems pulled it in that window, the payload has already run with whatever access your install process had.
The hook fires before the package is even set up, and none of it appears in the prior release, 8.13.0. The package diff shows two new files under dist/: setup.js, a small loader, and intro.js, which, despite the name, is not JavaScript but a roughly 7.8MB container packing three gzip-compressed native binaries, one each for Linux, Windows, and macOS.
On install, setup.js picks the binary for the host operating system, writes it under a random name in the system temp directory, marks it executable, and launches it detached with its output hidden.
The added files are in the published package, but nowhere in jscrambler’s public source. StepSecurity and SafeDep, which each pulled and analyzed the release, both report no matching commit, tag, or pull request for 8.14.0 in the GitHub repository, whose latest tag remains 8.13.0.
The version was pushed straight to npm under a legitimate maintainer account, bypassing the project’s normal release flow, which points to a compromised npm account or build pipeline. Which of the two has not been established.
What the binaries do is now clear. Socket, in an updated analysis and a statement to The Hacker News, identifies the payload as a Rust infostealer, built for all three platforms, that sweeps a developer machine for secrets and ships them to a drop server over TLS.
The target list is broad and aimed squarely at developers. It pulls cloud credentials from AWS, Azure, and Google Cloud, including the metadata endpoints that CI runners use. It reads cryptocurrency wallets and seed phrases from MetaMask, Phantom, and Exodus, and the vault of the Bitwarden password manager.
It scrapes browser-stored passwords and cookies, along with Discord, Slack, Telegram, and Steam sessions. And it goes after something newer: the config files for AI coding tools, including Claude Desktop, Cursor, Windsurf, VS Code, and Zed, where API keys and Model Context Protocol server credentials tend to sit.
The binaries reach past ordinary theft. On Linux, the payload links the kernel’s BPF library and can load an eBPF program into the kernel from memory, a foothold in the kernel rather than the userspace file access the rest of the stealer relies on; StepSecurity and SafeDep both flagged the capability, though what the eBPF does is still being pulled apart.
The Windows and macOS builds add anti-debugging checks, and the stealer wires in persistence to survive a reboot: a hidden Windows scheduled task set…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
