Executive Summary
On July 11, 2026, multiple versions of the jscrambler npm package and related plugins were compromised in a coordinated supply chain attack. The attacker published malicious versions of jscrambler and several dependent packages to the npm registry using stolen publishing credentials. These versions introduced hidden native binaries that executed automatically during installation or use, targeting developer workstations, CI/CD pipelines, and build systems. The malware was designed to harvest credentials, secrets, and sensitive files from a wide range of applications, including cloud providers, cryptocurrency wallets, and AI coding assistants. The attack was detected within minutes by independent security vendors and promptly contained by Jscrambler, who deprecated the affected versions and released clean updates. All major claims in this report are corroborated by technical analyses from Socket, StepSecurity, and the official Jscrambler security advisory. Immediate action is required for any organization that installed the affected versions, including removal, credential rotation, and system auditing.
Technical Information
The supply chain attack on jscrambler exploited the npm package publishing process. The attacker gained access to valid npm credentials and published five malicious versions: 8.14.0, 8.16.0, 8.17.0, 8.18.0, and 8.20.0. The initial malicious version (8.14.0) introduced a preinstall hook in the package manifest, causing the execution of a new loader script (dist/setup.js) during the npm install process. This loader extracted and executed a platform-specific native binary embedded in an obfuscated container file (dist/intro.js). The container included binaries for Linux (ELF), Windows (PE), and macOS (Mach-O), each designed to run on the corresponding operating system.
Subsequent malicious versions evolved the delivery mechanism. While versions 8.14.0, 8.16.0, and 8.17.0 used the preinstall hook, versions 8.18.0 and 8.20.0 removed the install hook and instead injected a self-executing function into the main package files (dist/index.js and dist/bin/jscrambler.js). This change allowed the malware to execute when the package was imported or its CLI was run, bypassing security tools that only scan install scripts and surviving npm install with the --ignore-scripts flag. The payloads themselves remained byte-for-byte identical across all malicious versions.
The malware’s capabilities were extensive. It targeted a broad range of secrets and credentials, including those for cloud providers (AWS, GCP, Azure), cryptocurrency wallets (MetaMask, Trust Wallet, Coinbase Wallet, Phantom, Exodus), AI coding assistants (Claude Desktop, Cursor, Windsurf, Factory, Zed, VS Code), messaging and collaboration tools (Discord, Slack, Telegram Desktop), browsers, gaming platforms, and OS keyrings. Sensitive strings within the malware were encrypted, and the payload container used a custom header and obfuscation to hinder analysis.
The attack surface included any environment where the affected jscrambler versions were installed, such as developer laptops, CI/CD runners, and automated build systems. Because the malicious code executed during installation or import, exposure could occur even if the package was never explicitly used in application code. The risk extended to source code, environment variables, build credentials, deployment tokens, and other secrets accessible to the npm process.
No evidence was found of persistence mechanisms beyond initial execution, but the potential for privilege escalation and lateral movement exists, especially in environments where the npm process runs with elevated privileges. The malware’s design implies automated exfiltration of harvested data, although the specific command-and-control infrastructure was not detailed in public reports.
The attack was detected within minutes by Socket and StepSecurity, whose automated analysis flagged the suspicious changes. Jscrambler responded rapidly, deprecating the affected versions and releasing clean updates. The official advisory confirms that 1,479 downloads of the malicious packages occurred before removal, and all affected versions have been deprecated and are no longer available through normal npm dependency resolution.
Affected Versions & Timeline
The affected packages and versions are as follows: jscrambler versions 8.14.0, 8.16.0, 8.17.0, 8.18.0, and 8.20.0; jscrambler-webpack-plugin 8.6.2; gulp-jscrambler 8.6.2; grunt-jscrambler 8.5.2; and jscrambler-metro-plugin 9.0.2. Clean versions are jscrambler 8.22.0, jscrambler-webpack-plugin 8.6.3, gulp-jscrambler 8.6.3, grunt-jscrambler 8.5.3, and jscrambler-metro-plugin 9.0.3.
The timeline of key events is as follows: On July 11, 2026, at 16:12:40 BST, the first malicious version was published. Detection by security vendors occurred within minutes. Over the next several hours, additional malicious versions were published, with evolving delivery mechanisms. By 18:12 BST, a clean version (8.22.0) was released. The official advisory was updated on July 13, 2026, with download counts and further details.
Threat Activity
The threat actor demonstrated advanced knowledge of npm security controls and evasion tactics. By leveraging stolen publishing credentials, they were able to inject malicious code into a widely used package and its dependencies. The rapid evolution from install-time execution to import-time execution indicates a deliberate attempt to evade detection and maximize impact. The malware’s target list suggests a financially motivated actor, with a focus on harvesting credentials for cloud services, cryptocurrency wallets, and developer tools.
No direct attribution to a known threat group has been made as of the latest update. The attack follows patterns seen in previous npm supply chain compromises, such as event-stream and ua-parser-js, where attackers exploit the trust inherent in open-source package ecosystems to reach downstream consumers.
The primary impact is the potential compromise of sensitive data and credentials from developer and CI/CD environments. Organizations in the software development, cloud, fintech, and AI sectors are at elevated risk due to the specific targeting of tools and services common in these industries.
Mitigation & Workarounds
Immediate removal of all affected versions is critical. Organizations should upgrade to jscrambler 8.22.0 or later and the corresponding safe versions of all dependent packages. All credentials and secrets accessible to environments where the affected packages were installed must be rotated, including cloud provider keys, CI/CD tokens, and any other sensitive information. Comprehensive auditing of systems that installed the malicious packages is required to detect evidence of compromise, such as unauthorized access, credential theft, or suspicious outbound connections.
Where possible, organizations should implement strict controls on package installation, such as pinning dependencies to known-safe versions, using package integrity verification, and restricting the use of install scripts. Monitoring for the specific hashes and package versions listed in the Indicators of Compromise section is recommended.
Indicators of Compromise
The following indicators are provided as a point-in-time reference and should be validated against your environment before enforcement. These IOCs are derived from primary technical sources and are defanged for safe publication.
Type | Indicator | Reported (date) | Source
|
SHA-256 | a742de963f14a92d24ebcbc7b44ac867e23a20d31d1b0094a13a4f83287f4e60 | 2026-07-11 | https://socket.dev/blog/jscrambler-supply-chain-attack |
SHA-256 | a41a523ef9517aab37ed6eea0ec881821bdcb7aefcb5c5f603adc7907f868c86 | 2026-07-11 | https://socket.dev/blog/jscrambler-supply-chain-attack |
SHA-256 | fbbcf4d8f98168f78f5c0c47a9ae56d59ec8ac84a7c9ca6b797fedfb8d62d2bd | 2026-07-11 | https://socket.dev/blog/jscrambler-supply-chain-attack |
SHA-256 | b7ca95d1b23c8e67416a25cedf741de0917c2096bbc9d24649eea7853d054903 | 2026-07-11 | https://socket.dev/blog/jscrambler-supply-chain-attack |
SHA-256 | c8fd47d36bdf7c825378593ab82ed8c24d1dc52e26b507812393e24e1d5201fd | 2026-07-11 | https://socket.dev/blog/jscrambler-supply-chain-attack |
References
https://socket.dev/blog/jscrambler-supply-chain-attack (2026-07-11), https://jscrambler.com/blog/security-advisory-malicious-npm-package (2026-07-11, updated 2026-07-13), https://www.stepsecurity.io/blog/behind-the-scenes-how-stepsecurity-detected-and-helped-remediate-the-largest-npm-supply-chain-attack (2026-07-11)
About Rescana
Rescana provides a Third-Party Risk Management (TPRM) platform that enables organizations to continuously monitor, assess, and respond to supply chain threats. Our platform supports rapid identification of vulnerable dependencies, automated risk scoring, and evidence-based incident response workflows. For questions about this report or to discuss supply chain risk management strategies, contact us at info@rescana.com.



