New Malicious npm Package "ambar-src" Targets Developers with Open Source Malware

Ali Nemati5 days ago33 sec read79 views

A new malicious npm package named "ambar-src" has been identified targeting developers through open-source malware. Despite being available for only three days, it was downloaded over 50,000 times. The package uses a preinstall script to execute code during installation and employs several detection evasion techniques. It deploys sophisticated payloads tailored to the host's operating system, potentially leading to full compromise of infected hosts and network pivoting. Tenable Cloud Security can be used to detect the presence of this malicious package in cloud environments.

Read the full article at Security Boulevard

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

Comments

GCHQ seeks new CISO - but slated over £90k salary

GCHQ is advertising for a new CISO position offering a salary of £96,981 to £130,000, reflecting an attempt to attract top talent in cybersecurity ami...GCHQ is advertising for a new CISO position offering a salary of £96,981 to £130,000, reflecting an attempt to attract top talent in cybersecurity amid recruitment challenges. The role emphasizes expertise in securing cloud environments and emerging ...

Ali Nemati

Cybersecurity3 days ago22 sec read

AI-Driven Development Fuels Surge in Open Source Vulnerabilities, Black Duck Finds

Black Duck's report reveals a surge in open source security vulnerabilities and licensing risks due to AI-assisted software development, with vulnerab...Black Duck's report reveals a surge in open source security vulnerabilities and licensing risks due to AI-assisted software development, with vulnerabilities per application increasing by 107%. This highlights the need for improved governance practic...

Ali Nemati

Cybersecurity4 days ago24 sec read

Untrusted repositories turn Claude code into an attack vector

Researchers found critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and API key theft when users interact with untr...Researchers found critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and API key theft when users interact with untrusted repositories. This highlights a new AI supply chain threat where configuration files can now a...

Ali Nemati

Cybersecurity4 days ago36 sec read

Your MRI is Online: The Hidden Risks of Exposed DICOM Servers in UK Healthcare

Healthcare IT environments face challenges due to legacy protocols, complex third-party integrations, and rapid cloud adoption, leading to unintended ...Healthcare IT environments face challenges due to legacy protocols, complex third-party integrations, and rapid cloud adoption, leading to unintended exposure of critical systems like DICOM servers to the internet. This exposes healthcare organizatio...

Ali Nemati

Cybersecurity4 days ago31 sec read

Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign

Mandiant, a Google subsidiary, disrupted an APT campaign by China's Ministry of State Security targeting telecommunications and satellite operators wo...Mandiant, a Google subsidiary, disrupted an APT campaign by China's Ministry of State Security targeting telecommunications and satellite operators worldwide. The campaign used malware called GRIDTIDE, which employed Google Sheets for command-and-con...

Ali Nemati

New Malicious npm Package "ambar-src" Targets Developers with Open Source Malware

Related Articles

GCHQ seeks new CISO - but slated over £90k salary

AI-Driven Development Fuels Surge in Open Source Vulnerabilities, Black Duck Finds

Untrusted repositories turn Claude code into an attack vector

Your MRI is Online: The Hidden Risks of Exposed DICOM Servers in UK Healthcare

Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign