ROT13 with eval() Payload Obfuscation
discovered 2026-06-264.8 MB index.js payload obfuscated with a fixed ROT13 shift and executed via direct eval(). Wave 5 simplification vs Wave 4 (LeoPlatform): no AES-128-GCM decryption layer, no per-package key variation. ROT13 is statically recoverable without key material. Payload content post-eval is unconfirmed (analysis ongoing as of 2026-06-26).