A recent release of the jscrambler 8.14.0 npm package was compromised, resulting in the distribution of Rust-infostealer malware during installation. This incident highlights vulnerabilities in the software supply chain and emphasizes the importance of security measures to prevent malware distribution. It showcases the increasing risks associated with third-party software, urging developers and organizations to strengthen their cybersecurity practices.
Compromised jscrambler npm package spreads Rust infostealer
CyberSIXT Evidence Panel
Source marked as original reporting
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Compromised jscrambler npm package spreads Rust infostealer
thehackernews.com
-
Malicious jscrambler npm update steals credentials, crypto data
stepsecurity.io