
Popular Developer Tool Compromised With Malicious Software. Users Need to Act
A software package used by website developers was hacked to secretly install data-stealing software on computers. This affects developers who installed version 8.14.0.
Source
The Hacker News
Original headline: Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install
Plain-English summary by GetCyberRight. Read the full report at the source above.
A software package called jscrambler, which is used by website developers, was compromised by attackers. On July 11, 2026, hackers released a malicious version 8.14.0 that secretly installed data-stealing software on any computer that installed it. The malicious software worked on Windows, Mac, and Linux computers. A security company called Socket detected the problem just six minutes after it was published. This primarily affects people who build websites and software applications. If you or someone in your household is a developer who uses npm packages for web development, this is important. If you installed jscrambler version 8.14.0, the malicious software ran automatically during installation and may have stolen information from your computer. Most everyday internet users who don't develop software are not directly affected by this specific incident.
If you are a developer who installed jscrambler 8.14.0, take immediate action. First, assume your computer has been compromised and disconnect it from the internet right away. Second, scan your entire system with updated antivirus software. Third, change all your important passwords from a different, clean device. This includes passwords for email, banking, work accounts, and any code repositories. Fourth, check your computer for any suspicious programs or processes running in the background and remove anything unfamiliar. Fifth, notify your workplace IT security team if you installed this on a work computer. For long-term protection, whether you're a developer or not, be cautious about what software you install on your computer. Only download programs from trusted sources and official websites. Keep your antivirus software running and updated. Pay attention to security alerts about the tools and programs you use regularly.
Stay one step ahead of scammers
Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.
If you're a developer, use security tools that can scan packages before you install them, and stay informed about security advisories in the development community.
Curated from trusted cybersecurity sources by GetCyberRight
Source: The Hacker NewsStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

International Operation Arrests 28 in Child Exploitation Cases
Law enforcement across seven countries arrested suspects involved in child sexual exploitation using cryptocurrency and the dark web.
2 min read
International Police Operation Leads to 28 Arrests for Child Exploitation
Police across seven countries arrested 28 people for crimes against children online. The operation shows how criminals use cryptocurrency and the dark web.
2 min read
Dangerous Software Package Infected Computers During Installation
A popular developer tool called jscrambler was hijacked. If anyone in your household does coding or web development, read this carefully.
2 min read
Police Data Breach in Pakistan: What It Means for Your Digital Safety
Hackers compromised police systems in Pakistan that store citizen information. Learn why protecting your personal data matters wherever you live.
2 min read