How a preinstall hook silently ran malware on npm install
A malicious version of the npm package jscrambler used a preinstall hook to deploy a Rust infostealer on developer machines. The attack targeted browser credentials, crypto wallets, and Bitwarden vaul…