VDB
GCVE-110-OSM-2026-7722
GCVE-110-OSM-2026-7722
Advisory PublishedCVSS 9.6/10
Multiple versions of the jscrambler npm package were trojanized via compromised npm publishing credentials and published on July 11, 2026. Jscrambler confirmed the unauthorized publication in a security advisory the same day, noting that detection occurred within seconds due to unexpected maintainer notifications. The malicious versions execute a native binary dropper at install time via a preinstall lifecycle hook. The dropper writes platform-specific Rust-compiled binaries to a randomly-named hidden temporary file and launches them as a detached subprocess with suppressed output. The payload fingerprints the environment by probing cloud metadata endpoints and checking for Tor exit node status before proceeding. Versions 8.14.0, 8.16.0, 8.17.0, and 8.20.0 are confirmed affected per Jscrambler's advisory and have been deprecated on npm. Version 8.18.0 is additionally flagged as malicious by independent third-party analysis in the GitHub issue thread: the attacker removed the preinstall hook and moved the dropper directly into dist/index.js and dist/bin/jscrambler.js, causing it to fire at require() time rather than install time — evading the most common supply chain scanning heuristic. As of the time of this report, Jscrambler has not deprecated 8.18.0 on npm and has not responded to the third-party claim in the GitHub issue. Version 8.22.0 is confirmed safe. Only Jscrambler's Code Integrity product is affected — Webpage Integrity and other products were not impacted.
**Attack vector**
Compromised npm publishing credentials used to publish unauthorized versions.
Jscrambler rotated credentials and related secrets upon initial detection, but the
attacker retained access and published additional malicious versions (8.18.0, 8.20.0)
after the initial remediation attempt.
**Execution trigger — varies by version**
- 8.14.0, 8.16.0, 8.17.0: Preinstall lifecycle hook (`node dist/setup.js`).
Present in malicious versions; absent from prior clean releases (8.13.0 and earlier).
- 8.18.0, 8.20.0: Preinstall hook removed. Dropper IIFE injected directly at the top
of `dist/index.js` and `dist/bin/jscrambler.js`. Fires at `require()` time, not
install time. Not detectable by scanners that only inspect install scripts.
**Payload delivery**
Compressed native binaries embedded in `dist/intro.js` with magic header `1b:43:53:49:01`
(~7.8 MB payload bundle, byte-identical across 8.18.0 and 8.20.0).
Dropper writes payload to a randomly-named hidden temporary file, marks it executable,
and launches it as a detached subprocess with suppressed stdout/stderr.
**Self-dependency (8.18.0 and 8.20.0)**
Both versions add `"jscrambler": "^8.17.0"` as a self-dependency — a package depending
on its own name has no legitimate purpose and may attempt to force resolution to a
compromised version in some install topologies.
**Payload binaries**
Platform-specific native executables compiled with `rustc 1.98.0-nightly`:
- Linux: ELF64
- Windows: PE32+
- macOS: Mach-O arm64
**Environment fingerprinting**
Payload probes cloud metadata endpoints and Tor status before executing:
- `metadata[.]google[.]internal` — GCP metadata
- `169[.]254[.]170[.]2` — AWS ECS task metadata
- `169[.]254[.]169[.]254` — Azure IMDS
- `check[.]torproject[.]org/api/ip` — Tor exit node check
- Public DNS resolvers `1[.]1[.]1[.]1` and `8[.]8[.]8[.]8`
**Exfiltration**
Data sent via TLS POST requests to attacker-controlled drop servers.
Specific drop server domains not yet disclosed pending forensic investigation.
**File hashes (SHA-256)**
- `dist/setup.js`: `a742de963f14a92d24ebcbc7b44ac867e23a20d31d1b0094a13a4f83287f4e60`
- `dist/intro.js`: `a41a523ef9517aab37ed6eea0ec881821bdcb7aefcb5c5f603adc7907f868c86`
- `package.json`: `bba32ddeab075a5e5015eec50f5d2af364c95b848732c714aea6b6baf78f49f0`
- Linux ELF payload: `fbbcf4d8f98168f78f5c0c47a9ae56d59ec8ac84a7c9ca6b797fedfb8d62d2bd`
- Windows PE payload: `b7ca95d1b23c8e67416a25cedf741de0917c2096bbc9d24649eea7853d054903`
- macOS Mach-O payload: `c8fd47d36bdf7c825378593ab82ed8c24d1dc52e26b507812393e24e1d5201fd`
**Timeline**
- 2026-07-11 15:12 UTC — Malicious versions 8.14.0, 8.16.0, 8.17.0 published to npm
- 2026-07-11 15:12 UTC — Detection triggered by unexpected maintainer notifications
- 2026-07-11 ~15:12 UTC — Deprecation of initial versions initiated; credentials rotated
- 2026-07-11 ~17:00 UTC — 8.18.0 published; preinstall hook removed, dropper moved to dist/index.js and dist/bin/jscrambler.js; 8.18.0 not deprecated as of time of report
- 2026-07-11 ~17:00 UTC — 8.20.0 published; byte-identical payload to 8.18.0
- 2026-07-11 ~18:00 UTC — 8.22.0 published (confirmed clean)
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | jscrambler | 8.14.0, 8.16.0, 8.17.0, 8.18.0, 8.20.0 (affected) | — |
Browse GCVE Records
73,442 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.