What Happened
Attackers obtained a stolen npm publishing credential and used it to release malicious versions of the Jscrambler npm package beginning with version 8.14.0, published on July 11, 2026. Socket’s Research Team detected the malicious release six minutes after it appeared. The compromised versions added an undocumented preinstall hook that executed automatically during npm install, dropping a Rust-built infostealer disguised as a JavaScript file.
Affected package versions include jscrambler 8.14.0, 8.16.0, 8.17.0, 8.18.0, and 8.20.0, along with jscrambler-webpack-plugin 8.6.2, gulp-jscrambler 8.6.2, grunt-jscrambler 8.5.2, and jscrambler-metro-plugin 9.0.2. The package receives roughly 15,800 weekly downloads. Jscrambler confirmed the breach and published a security advisory. Clean versions — jscrambler 8.22.0 and corresponding plugin releases — are available.
The malware payload targeted an extensive list of developer and cloud assets: AWS, GCP, and Azure credentials; cryptocurrency wallets including MetaMask, Trust Wallet, Coinbase Wallet, Phantom, and Exodus; AI coding assistants including Claude Desktop, Cursor, Windsurf, Factory, and Zed; communication tools including Discord, Slack, and Telegram Desktop; browsers; and OS keyrings. The infostealer included native binaries for Linux, macOS, and Windows.
Why This Matters for Canadian Organizations
This attack demonstrates that security tooling vendors are high-value supply chain targets: Jscrambler’s core product protects JavaScript code, making it a tool installed in build pipelines at software companies, digital agencies, and financial services firms across Canada. When an attacker compromises the tooling rather than the application, every developer who runs npm install in a CI/CD pipeline or on a local workstation becomes an entry point.
The credential scope is broad. Cloud provider keys stolen from a single developer machine give an attacker access to production infrastructure. AI coding assistant credentials — particularly Claude Desktop and Cursor — represent a newer class of high-value target, as these tools have access to local codebases, file systems, and in some configurations cloud services. Canadian organizations in financial services, technology, and government digital services that use npm in their development workflows and rely on OSFI B-13’s software supply chain controls need to assess their exposure.
Under PIPEDA, if stolen credentials led to unauthorized access to systems containing personal information, breach notification obligations apply. The breadth of credential targets in this payload makes that assessment non-trivial.
What to Do
Check your package.json, package-lock.json, and CI/CD logs to determine whether any affected version was installed between July 11 and July 14, 2026. If so, treat all credentials that were accessible on the build environment as compromised and rotate them immediately: AWS IAM keys, GCP service account credentials, Azure service principals, GitHub tokens, and any AI coding assistant API keys or session tokens. Upgrade to the clean versions — jscrambler 8.22.0 and corresponding plugin updates. Review npm audit logs and consider enabling npm provenance checks and package signing in your pipelines. If you are subject to OSFI B-13, document the supply chain incident assessment in your third-party risk register.
Source: SecurityWeek






