Hackers backdoor Jscrambler npm package with infostealer malware

Summary

A malicious version of the Jscrambler npm package was published by a threat actor, containing infostealer malware. This compromised package has been downloaded nearly 1,500 times.

IFF Assessment

FOE

The compromise of a widely used npm package with infostealer malware poses a direct threat to developers and their systems, representing bad news for defenders.

Defender Context

This incident highlights the ongoing risks associated with supply chain attacks targeting popular developer tools like npm packages. Defenders should monitor for the presence of this malicious package within their development environments and ensure robust software composition analysis (SCA) practices are in place to detect compromised dependencies.

Read Full Story →