Breach404
Back to Insights
Cybersecurity2 min readJuly 11, 2026

Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

Version 8.14.0 of the popular jscrambler npm package was compromised and distributed malware—specifically a Rust-based information stealer—that executes during installation and can harvest sensitive data from affected systems. If your organization uses js

Could your website be vulnerable to attacks like this?

Run a free 10-point security scan on your site — headers, SSL, DNS, and more. Results in 15 seconds.

Test Your Site Now — It's Free