Tenable flags npm supply chain attack

Tenable Research has identified an npm supply chain attack involving a malicious package uploaded to the public npm registry. The package, named “amber-src,” was designed to imitate the legitimate “ember-source” package and was downloaded approximately 50,000 times before removal.

The incident underscores the speed and scale at which modern supply chain attacks can spread within developer ecosystems.

Attack triggered at installation stage

What makes this npm supply chain attack distinct is its execution method. The malware did not require developers to run the package after installation. Instead, a hidden preinstall script executed automatically the moment the installation command was entered.

While users observed a standard installation progress indicator, the malicious script operated in the background. It identified the victim’s operating system and deployed malware accordingly.

The attack targeted systems across:

• Windows

• macOS

• Linux

This cross-platform capability increased the scope of potential compromise.

Typosquatting at the core

The attackers employed a technique known as typosquatting. The malicious package “amber-src” was crafted to closely resemble “ember-source,” a widely used and trusted package with more than 11 million downloads.

Unlike cases where legitimate software is later compromised, this package was created solely for malicious intent. It served no functional purpose other than delivering malware during installation.

Ari Eitan, Director for Research at Tenable, highlighted the underlying risk in a statement:

“The true danger of this package lies in how it weaponizes a simple human mistake. Developers often assume that if a package is available on a public registry, it is safe to download. By hiding the attack inside the installation process, hackers ensure they are inside your system before you've even had a chance to verify the code.”

The comment points to a broader behavioural vulnerability in software development workflows.

Rapid publication and removal

The malicious version of the package was published on February 16, 2026. It was removed from the npm registry within five hours.

Despite the quick takedown, the exposure window was sufficient to generate approximately 50,000 downloads. Any system where “amber-src” remains present should be considered fully compromised, according to the findings.

The speed of both deployment and distribution illustrates the operational tempo of modern npm supply chain attack campaigns.

Implications for development environments

Tenable Research has urged organisations to audit their development environments and CI/CD pipelines for any presence of the malicious package.

Recommended actions include:

• Reviewing installed npm dependencies

• Inspecting CI/CD pipelines for package references

• Initiating standard incident response protocols if detected

The episode highlights a structural issue within open software ecosystems. Public registries enable rapid innovation and distribution, but they also create opportunities for exploitation through naming deception and automated installation scripts.

A broader supply chain concern

This npm supply chain attack reinforces a recurring lesson for enterprises and developers: trust in public repositories must be balanced with verification controls.

The attack succeeded not through complex exploitation but through process automation and human error. A single mistyped command triggered a background script that bypassed manual code review.

For organisations relying on open-source components, dependency management and continuous monitoring remain critical. The removal of the malicious package closes one chapter, but the method itself remains a viable threat vector.

As software supply chains grow more interconnected, such incidents are likely to test how quickly organisations can detect and contain silent compromises within their development workflows.

Read More: 

Google India Managing Director role expands with Roma Datta Chobey

90% of ransomware exploited firewalls in 2025: Barracuda Report