Official jscrambler npm Package Compromised at 8.14.0 - Real-time Open Source Software Supply Chain Security
Login Start for Free 1.5k
Back<br>Vet<br>Scan and govern your dependencies across every PR and build.
PMG<br>Block malicious packages at install-time, before they enter your codebase.
xbom<br>Generate AI-enriched BOMs using real code evidence, not just manifests.
GRYPH<br>Monitor every AI coding agent action across your projects and workflows.
Back Discover & Monitor<br>SCA & SBOM Scan dependencies, generate SBOMs, enforce policy.
AI Agent Discovery See every AI tool and SDK in your org.
AI Agent Monitoring Audit every action your AI agents take.
Protect<br>Developer Security Block malicious packages at install-time.
CI/CD Security Block malicious packages in your pipeline.
MCP Server Block threats inside your AI coding agent.
Agent API Threat intelligence API for custom agents.
Threat Intelligence Real-time malicious package verdicts.
Govern<br>Endpoint Protection Package events & AI inventory in the cloud.
Platform Centralized policies, dashboard, compliance.
Login Start for Free 1.5k
Back to Blog
Official jscrambler npm Package Compromised at 8.14.0<br>Malware
SafeDep Team<br>• Jul 11, 2026 • 7 min read
Table of Contents
Open Source · Free<br>Protect your projects from malicious packages<br>PMG wraps your favorite package manager to block malicious packages at install time
Get PMG on GitHub
` rules instead of the old inline `prose-* / [&_…]`<br>modifier string — that string compiled to ~40 complex selectors that<br>Chrome iOS (WKWebView) re-matched on every scroll recalc, blanking the<br>page. Base `prose prose-lg prose-invert` reset is kept.<br>-->
TL;DR
The official jscrambler npm package, published by the legitimate jscrambler_ account ([email protected]), was trojanized at version 8.14.0 on July 11, 2026. The compromised version adds a preinstall hook and two new files absent in 8.13.0: a 43-line JavaScript dropper (dist/setup.js) and a 7.5 MB binary container (dist/intro.js) that bundles gzip-compressed native executables for Linux, Windows, and macOS. The dropper unpacks the platform-matched binary into a hidden temp file and spawns it detached. The dropped binaries are Rust-compiled infostealers that target browser profile data (Chrome, Brave, Edge, Chromium), the Bitwarden password manager extension, and Steam gaming sessions. They install persistence through Windows Task Scheduler and macOS LaunchAgents. No corresponding commit, tag, or release for 8.14.0 exists in the jscrambler GitHub repository, which points to an npm account or CI pipeline compromise. With roughly 60,000 monthly downloads, the blast radius is significant.
Impact:
Installing [email protected] runs a native binary at install time that targets browser credentials across Chrome, Chromium, Brave, and Edge
The Bitwarden browser extension (nngceckbapebfimnlniiiahkandclblb) is explicitly targeted, putting stored vault data at risk
Steam session cookies (steamLoginSecure, sessionid) are harvested
The payload installs persistent scheduled tasks (Windows) or LaunchAgents (macOS) that survive reboots
All existing dist/ files are byte-identical to 8.13.0. Only the dropper and binary container were added
Indicators of Compromise (IoC):
Compromised package: [email protected] (npm)
Clean version: [email protected]
Binary container magic bytes: 1b 43 53 49 01 (\x1bCSI\x01)
SHA256 (Linux ELF x86-64): fbbcf4d8f98168f78f5c0c47a9ae56d59ec8ac84a7c9ca6b797fedfb8d62d2bd
SHA256 (Windows PE x86-64): b7ca95d1b23c8e67416a25cedf741de0917c2096bbc9d24649eea7853d054903
SHA256 (macOS Mach-O arm64): c8fd47d36bdf7c825378593ab82ed8c24d1dc52e26b507812393e24e1d5201fd
Bitwarden extension ID targeted: nngceckbapebfimnlniiiahkandclblb
Embedded hash (Windows binary): 9eeffcb5c3445ef9512f7776045f99ea23f9ebed989f8570bc4634b4e340de5d
Host artifacts: hidden dotfiles in os.tmpdir() (.{random} on Linux/macOS, .{random}.exe on Windows)
Windows Task Scheduler XML with true, restart interval PT1M, count 999
macOS LaunchAgent plist with RunAtLoad, KeepAlive, StartInterval 30s
Analysis
The compromise surface
Jscrambler is a commercial JavaScript protection platform. Their official npm CLI client, published under the jscrambler_ account ([email protected]), has ten maintainers, several with @jscrambler.com email addresses.
# Registry metadata for jscrambler
Maintainers: jscrambler_ ([email protected]),
antonio.soares ([email protected]),
jose.cerqueira ([email protected]),
f-ribeiro ([email protected]),
vitormagano ([email protected]),
... and 5 others
Version 8.13.0 was published on June 30, 2026, matching a GitHub commit from the same day. Version 8.14.0 appeared on July 11, 2026, with no corresponding GitHub commit, tag, or pull request. The GitHub repo’s latest tag is [email protected]. The attacker published directly to npm, bypassing the project’s normal release workflow.
The other packages in the jscrambler ecosystem (jscrambler-webpack-plugin,...