AHLS A.I CyberSecurity Scoring
AHLS
Company Information
Website:https://aws.amazon.com/health/
Employees number:None
Number of followers:13,247
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:amazon.com
AHLS Risk Score (AI oriented)
Between 700 and 749
AHLSIT Services and IT Consulting
Updated:
15/05/2026
15/05/2026
738/1000
Moderate
Ba
AHLS Global Score (TPRM)
xxxx
AHLSIT Services and IT Consulting
Score locked

AHLSModerate
Current Score
738Ba (MODERATE)
01000
1 incidents
-17 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
740
JUNE 2026
739
MAY 2026
755
Cyber Attack
15 May 2026 • AHLS
node-ipc and AWS: 822K-Download node-ipc Package Compromised in Supply Chain Breach
Sophisticated Supply Chain Attack Targets Popular npm Package node-ipc
738
CRITICAL-17
AWSSOC1778833973
Sophisticated Supply Chain Attack Targets Popular npm Package *node-ipc*
A widely used npm package, node-ipc downloaded over 822,000 times weekly has been weaponized in a supply chain attack, exposing JavaScript developers to credential theft and backdoor access. Security researchers at Socket identified malicious versions (9.1.6, 9.2.3, and 12.0.1) of the package, which were published on May 14, 2026, shortly before detection.
Unlike typical npm attacks, this campaign embedded malware directly into the package’s CommonJS entry point (node-ipc.cjs), executing automatically upon requiring the library. The ESM version remained unaffected, limiting exposure to applications using `require("node-ipc")`.
The obfuscated malware conducts system fingerprinting, harvesting sensitive data including cloud credentials (AWS, Azure, GCP, OCI), SSH keys, Git tokens, Kubernetes/Docker configs, .env files, and CI/CD secrets before compressing and encrypting it into a `.tar.gz` archive at `/tmp/nt-<pid>/`. Exfiltration occurs via covert DNS TXT queries to attacker-controlled domains (sh.azurestaticprovider[.]net, bt.node[.]js), evading standard network monitoring by splitting data into small chunks.
Investigators traced the attack to a hijacked npm maintainer account (atiertant), where an expired email domain allowed credential resets without breaching npm’s infrastructure. This tactic underscores a growing risk: dormant maintainer accounts as silent entry points for supply chain attacks.
The incident follows node-ipc’s prior involvement in a 2022 geo-targeted malware campaign, raising concerns about repeated compromise or deliberate reintroduction. Security teams are advised to monitor DNS logs for unusual TXT query bursts and block listed domains.
Indicators of Compromise (IOCs):
- Malicious packages: [email protected], 9.2.3, 12.0.1
- Exfiltration domains: sh.azurestaticprovider[.]net, bt.node[.]js
- DNS patterns: xh., xd., xf.* subdomains
- Temp file path: `/tmp/nt-<pid>/<machineHex>.tar.gz`
- Anomalous timestamp: October 26, 1985 (file artifacts)
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
755
MARCH 2026
755
FEBRUARY 2026
755
JANUARY 2026
755
DECEMBER 2025
755
NOVEMBER 2025
755
OCTOBER 2025
755
SEPTEMBER 2025
755
AUGUST 2025
755
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for AHLS ??
What was AHLS's A.I Rankiteo Cyber Score in June 2026 ??
What was AHLS's A.I Rankiteo Cyber Score in May 2026 ??
What was AHLS's A.I Rankiteo Cyber Score in April 2026 ??
What was AHLS's A.I Rankiteo Cyber Score in March 2026 ??
What was AHLS's A.I Rankiteo Cyber Score in February 2026 ??
What was AHLS's A.I Rankiteo Cyber Score in January 2026 ??
What was AHLS's A.I Rankiteo Cyber Score in December 2025 ??
What was AHLS's A.I Rankiteo Cyber Score in November 2025 ??
What was AHLS's A.I Rankiteo Cyber Score in October 2025 ??
What was AHLS's A.I Rankiteo Cyber Score in September 2025 ??
What was AHLS's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on AHLS's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with AHLS ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view AHLS's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?