Security News Hackers backdoor Jscrambler npm package with infostealer malware BleepingComputer Daniel Bender 13 Jul 2026 Share The Jscrambler client-side web security company disclosed that a threat actor published a malicious version of its npm package that has been downloaded almost 1,500 times.