Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Jscrambler Packages Compromised in Supply Chain Breach

Jscrambler Packages Compromised in Supply Chain Breach

Posted on July 14, 2026 By CWS

In a recent cybersecurity incident, several versions of Jscrambler’s NPM package were maliciously published over the weekend, marking a significant supply chain attack. The breach involved compromised credentials of the popular JavaScript protection tool, Jscrambler Code Integrity.

Attack Details and Timeline

The security incident began on July 11 when attackers exploited NPM publishing credentials to release altered versions of the package. These versions included a preinstall hook designed to deploy binaries during the installation phase. While Jscrambler was addressing the breach, additional compromised versions—8.16, 8.17, 8.18, and 8.20—were released, with the first clean version being 8.22.

The malicious packages impacted several dependencies, including Jscrambler-webpack-plugin version 8.6.2, gulp-Jscrambler version 8.6.2, grunt-Jscrambler version 8.5.2, and Jscrambler-metro-plugin version 9.0.2. Before being deprecated, these compromised versions were downloaded 1,479 times, according to NPM data.

Technical Analysis of the Breach

Security firm Socket reported that the malicious packages contained a preinstall hook and two new files, setup.js and intro.js, targeting Linux, macOS, and Windows systems. When installed, the hook executes setup.js, which loads a platform-specific binary from intro.js.

The binaries, written in Rust, are designed to steal sensitive information, targeting developer credentials, cloud-operator secrets, cryptocurrency wallets, AI coding assistants, and other critical data. The malware also attempts to elevate privileges, maintain persistence, and conduct host reconnaissance.

Responses and Recommendations

Jscrambler has responded by revoking and rotating all compromised credentials, implementing enhanced security controls, and continuing their investigation. Users are strongly advised to remove affected versions, perform malware scans, and rotate all credentials, tokens, and API keys immediately.

Additionally, the malware exfiltrated data over TLS using rustls, suggesting a connection to a drop server. It also constructed requests to access cloud and orchestration APIs with stolen credentials, emphasizing the need for vigilant security practices.

The incident highlights the growing threat of supply chain attacks and the necessity for robust security protocols. As the investigation unfolds, further updates and protective measures are expected from Jscrambler.

Security Week News Tags:cloud security, Credentials, Cybersecurity, information theft, JavaScript, jscrambler, Malware, NPM, supply chain attack, web security

Post navigation

Previous Post: xAI’s Grok Build Uploads Full Repositories to Cloud
Next Post: npm Packages Exploited to Form DDoS Botnet

Related Posts

Facial Recognition’s Trust Problem – SecurityWeek Facial Recognition’s Trust Problem – SecurityWeek Security Week News
Red Hat NPM Packages Targeted in Supply Chain Breach Red Hat NPM Packages Targeted in Supply Chain Breach Security Week News
Critical Check Point VPN Flaw Exploited by Ransomware Critical Check Point VPN Flaw Exploited by Ransomware Security Week News
Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report  Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report  Security Week News
Cyberattack Disrupts Canvas Platform as Finals Near Cyberattack Disrupts Canvas Platform as Finals Near Security Week News
United Natural Foods Projects Up to 0M Sales Hit from June Cyberattack United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • UK Issues Alert on Russian Cyber Threats to Networks
  • SAP Addresses Major Security Flaws in NetWeaver and More
  • Canadian Cybersecurity Leaders Shine at Web Summit Vancouver
  • Valarian Secures $50M for Innovative Infrastructure Layer
  • npm Packages Exploited to Form DDoS Botnet

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • UK Issues Alert on Russian Cyber Threats to Networks
  • SAP Addresses Major Security Flaws in NetWeaver and More
  • Canadian Cybersecurity Leaders Shine at Web Summit Vancouver
  • Valarian Secures $50M for Innovative Infrastructure Layer
  • npm Packages Exploited to Form DDoS Botnet

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark