Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to malware
Malware

ambar-src

ambar-src is a malicious npm package (software supply-chain malware) disclosed by Tenable. It was uploaded to npm on 2026-02-13 and reportedly reached >50,000 downloads before removal. The package abuses npm’s preinstall script hook to execute malicious code (index.js) during installation and then retrieves OS-specific payloads from x-ya[.]ru.

Behavior/capabilities by platform (as described):

  • Windows: downloads and executes msinit.exe containing encrypted shellcode, which is decoded and loaded into memory.
  • Linux: executes a bash script that retrieves an ELF payload acting as an SSH-based reverse-shell client.
  • macOS: uses osascript to run JavaScript for Automation (JXA) that drops Apfell, a Mythic C2 framework JXA agent. Apfell is described as capable of reconnaissance, screenshot collection, Google Chrome data theft, and password capture via a fake prompt.

Exfiltration/infrastructure: Tenable stated collected data is exfiltrated to a Yandex Cloud domain to blend with legitimate traffic.

Relationships/notes: Tenable assessed ambar-src is a more mature variant of the rogue npm package eslint-verify-plugin (previously flagged by JFrog), which was reported to drop Mythic agents Poseidon and Apfell on Linux and macOS.

Impact assessment: Tenable advised that systems where ambar-src is installed or running should be considered fully compromised, and that removing the npm package may not remove all resulting malware.

Share:
For your environment

Hunt this family in your stack

Mallory pivots from this family to the IOCs, detections, and named campaigns that touch your stack, and pages you when something new lands.

Start free trial
ACTIVITY FEED

Recent activity

3 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

3 SOURCESView more in app
security affairsNews
Mar 1, 2026
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86

Malicious npm package used in a developer-targeting open-source/supply-chain compromise context.

Read more
security affairsNews
Mar 1, 2026
Security Affairs newsletter Round 565 by Pierluigi Paganini - INTERNATIONAL EDITION

Malicious npm package used as an open-source/supply-chain vector targeting developers.

Read more
the hacker newsNews
Feb 25, 2026
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Malicious npm package that executes during installation via a preinstall hook and pulls OS-specific payloads from attacker infrastructure: Windows downloads/executes msinit.exe containing encrypted shellcode loaded in-memory; Linux downloads a bash script that retrieves an ELF SSH-based reverse shell client; macOS drops the Mythic agent Apfell (JXA) for recon, screenshots, Chrome data theft, and password capture via fake prompt. Exfiltrates collected data to a Yandex Cloud domain to blend with legitimate traffic.

Read more
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets match these IOCs, which detections are missing, which campaigns to expect next, and what to do in the next 30 minutes.
Start free trial
IOC matching

Match every observed IP, domain, and hash against your live telemetry.

Threat actor attribution

Named campaigns wielding this family, with evidence pinned to each claim.

Exploited vulnerabilities

CVEs this family uses for access and lateral movement.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

MITRE ATT&CK mapping

Every documented technique, ranked by evidence weight.

Researcher chatter

Reddit, Mastodon, and CTI community discussion around this family.