Tenable Research has detailed a malicious npm package that illustrates how quickly modern software supply chain risks can propagate once they enter public ecosystems. The package, named “ambar-src”, was downloaded around 50,000 times from the npm registry before removal, despite having no legitimate functionality and existing solely as a malware delivery vehicle. It was designed to mimic the widely used “ember-source” package, which has over 11 million downloads, in an attempt to turn a minor typing error into full system compromise for developers on Windows, Linux and macOS.
Typosquatting Turns a Typo into Full Compromise
Unlike attacks where adversaries compromise an existing trusted package, “ambar-src” was malicious from the outset and relied on typosquatting as its initial access vector. By registering a name closely resembling a popular framework dependency, the attackers aimed to capture developers who accidentally typed the wrong package name in their install commands. Tenable’s analysis shows that the danger does not depend on a developer ever importing or running code from the package in their application. Instead, the threat abuses npm’s “preinstall” script hook, which executes automatically during installation.
As soon as a developer runs an “npm install” that resolves to “ambar-src”, the preinstall script is triggered in the background while a normal progress bar is displayed in the terminal. That script identifies the host operating system and issues a one-liner command to fetch and run an additional loader from a remote server, with different payloads for Windows, Linux and macOS. Tenable reports that these payloads include powerful open-source malware components that provide high-level control over compromised machines and use techniques such as hex-encoding of commands and traffic blending with legitimate services to evade detection.
Five-Hour Registry Window, Long-Tail Exposure
Tenable’s timeline indicates that “ambar-src” was first uploaded to npm on 13 February 2026 without malicious code and later updated with a weaponised version on 16 February. The npm team removed the malicious version within five hours of its publication, and a GitHub advisory was issued marking the package as unsafe. However, telemetry and download statistics suggest that approximately 50,000 downloads occurred in that short window, underscoring how quickly a single rogue package can spread across individual developer workstations, CI/CD runners and cloud workloads.
Tenable and other researchers advise that any workload or host where “ambar-src” is found should be treated as fully compromised, with incident responders assuming potential credential theft, backdoor installation and lateral movement. Recommended actions include scanning development endpoints and build images for the package, reimaging affected systems where necessary, rotating secrets and access keys, and reviewing logs for unusual outbound connections to indicators such as the x-ya[.]ru domain.
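The two points above, that npm lifecycle hooks run at install time regardless of whether the package is ever imported, and that defenders should scan lockfiles, build images and logs for the package and its indicator, can be combined into one small audit. The following Node.js script is an added example and is not Tenable's tooling or code from the package in question: it walks a lockfile (v2/v3 "packages" map) for a blocklisted name, reports install-time hooks in package manifests and flags commands that look like they download or execute remote content, and checks outbound proxy log lines for the defanged domain named in the report. The lockfile, manifests, log lines, the heuristic command list and the hypothetical preinstall command are all constructed here for illustration.

```javascript
// Added example (not Tenable's or npm's own code): audit an npm project for a
// known-bad package name, install-time lifecycle hooks, and outbound connections
// to the indicator from the report. All sample data below is constructed.

// Package name reported as malicious (from the report).
const KNOWN_BAD = new Set(["ambar-src"]);

// npm runs these hooks automatically during install, whether or not the
// package is ever imported by application code.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Heuristic (assumed) list of commands that commonly fetch or evaluate remote
// content from a hook; a match is a signal to review, not proof of malice.
const FETCH_EXEC = /\b(curl|wget|powershell|Invoke-WebRequest|iwr|node\s+-e|bash\s+-c|sh\s+-c)\b/i;

// Indicator from the report, kept defanged in source and refanged only for matching.
const IOC_DOMAINS = ["x-ya[.]ru"].map((d) => d.replace("[.]", "."));

// Walk a lockfile's "packages" map (keys look like "node_modules/<name>" or
// "node_modules/a/node_modules/<name>") and report blocklisted names.
function findBlocklisted(lockfile) {
  const hits = [];
  const marker = "node_modules/";
  for (const [path, meta] of Object.entries(lockfile.packages || {})) {
    if (path === "") continue; // root project entry
    const name = path.slice(path.lastIndexOf(marker) + marker.length);
    if (KNOWN_BAD.has(name)) hits.push({ name, version: meta.version, path });
  }
  return hits;
}

// Report install-time hooks declared in a package manifest, marking ones whose
// command matches the fetch/execute heuristic.
function auditManifest(manifest) {
  const scripts = manifest.scripts || {};
  return INSTALL_HOOKS.filter((h) => h in scripts).map((hook) => ({
    name: manifest.name,
    hook,
    command: scripts[hook],
    fetchesRemote: FETCH_EXEC.test(scripts[hook]),
  }));
}

// Return proxy/DNS log lines that mention an indicator domain.
function findIocConnections(logLines) {
  return logLines.filter((line) => IOC_DOMAINS.some((d) => line.includes(d)));
}

// --- constructed sample input ---
const SAMPLE_LOCK = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/ember-source": { version: "5.0.0" },
    "node_modules/ambar-src": { version: "0.0.0-constructed" },
  },
};

const SAMPLE_MANIFESTS = [
  { name: "ember-source", version: "5.0.0", scripts: { build: "ember build" } },
  // Hypothetical hook shape for illustration; the real script is not reproduced.
  { name: "ambar-src", version: "0.0.0-constructed",
    scripts: { preinstall: 'node -e "/* fetch-and-run loader placeholder */"' } },
];

const SAMPLE_LOGS = [
  "constructed proxy ci-runner-07 CONNECT registry.npmjs.org:443 200",
  "constructed proxy ci-runner-07 CONNECT x-ya.ru:443 200",
];

// Run all three checks over the constructed input and return the findings.
function runAudit() {
  return {
    blocklisted: findBlocklisted(SAMPLE_LOCK),
    hooks: SAMPLE_MANIFESTS.flatMap(auditManifest),
    iocConnections: findIocConnections(SAMPLE_LOGS),
  };
}

if (typeof module !== "undefined" && require.main === module) {
  console.log(JSON.stringify(runAudit(), null, 2));
}
```

On the constructed input the audit reports one blocklisted package, one preinstall hook whose command matches the heuristic, and one log line reaching the indicator domain. In a real environment the lockfile would be read from disk, the manifests from each `node_modules/<name>/package.json`, and the log lines from the proxy or DNS resolver; a hit on the blocklist should be treated as the report advises, as a fully compromised host. Independently of any scanner, npm's `--ignore-scripts` flag (or `ignore-scripts=true` in `.npmrc`) prevents lifecycle hooks from running during install, which closes the execution path this package relied on at the cost of breaking packages that legitimately build during install.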
