npm malware today continues to evolve, with attackers publishing malicious code, malicious npm packages, and PyPI malicious packages designed to target development workflows, CI/CD pipelines, and open-source ecosystems. The Malicious Code Digest is Xygeni’s ongoing research report that tracks and verifies real malicious packages across npm and PyPI, including confirmed backdoors, data-stealers, credential exfiltration payloads, and automated multi-version malware campaigns.
Our research team updates this page regularly with validated findings, indicators of compromise (IOCs), behavioral patterns, and technical analysis. As a result, developers, AppSec teams, and security engineers can stay ahead of npm malware today and emerging malicious package activity impacting modern software supply chains.
NPM Malware Today: Weekly Summary 26 Dec 2025 – 2 Jan 2026
Researchers confirmed 79 new malicious packages, all of them in npm. This activity was dominated by automation-driven version clusters and enterprise-style tooling impersonation, consistent with late-2025 npm malware campaigns.
Key highlights of Malicious Code
Large multi-version automation clusters
- Massive publishing waves across github-badge-bot (1.6.x → 1.14.x) and tiny-model-update (1.16.x → 1.18.x)
- Sequential releases with nearly identical metadata, indicating scripted pipelines rather than manual publishing
- Pattern consistent with automation-at-scale malicious code campaigns
Reappearance of known malicious families
- @ikarem/telemetry returned with multiple 100.x and 101.x versions
- Continues the trend of internal SDK and telemetry impersonation targeting CI/CD workflows
Enterprise & DevTools-style impersonation
- Additional malicious packages included baas-admin-sdk, npm-xmt, float-kit, eb-csr, and cdd-plugin-for-datawarrior
- Naming conventions designed to blend into developer and automation environments
Version-inflation as an evasion tactic
- Rapid patch sequencing and inflated version tracks used to create false maturity signals
- Intended to bypass trust heuristics and reputation-based filters
Single-ecosystem focus
- All confirmations occurred in npm
- No PyPI malicious packages detected during this period
Monthly Malware Report: Confirmed Malicious npm Packages in December 2025
In December 2025, Xygeni analyzed and reported more than 280 confirmed malicious packages across npm and PyPI. This monthly report consolidates all verified malicious packages, npm malware, and PyPI malicious packages detected during the month, including those identified in the final publishing week.
December showed sustained automation-driven malware activity, with multiple families abusing multi-version publishing, version inflation, and enterprise-style tooling impersonation to bypass registry trust signals. Many of these attacks were designed to infiltrate developer environments, CI/CD workflows, and internal dependency pipelines rather than end-user applications.
This update forms part of our ongoing Malicious Code Digest, where the Xygeni research team confirms new threats, validates Indicators of Compromise, and provides continuous visibility into npm malware today. To review the full list of malicious packages and weekly confirmations, visit the complete digest for December.
| Ecosystem | Package | Date |
|---|---|---|
| npm | secguest-lib:1.0.0 | Dec 19, 2025 |
| npm | ppppparserfruit:0.30.1 | Dec 19, 2025 |
| npm | viktorparserctf5:1.0.0 | Dec 19, 2025 |
| npm | viktorparserctf7:1.0.0 | Dec 19, 2025 |
| npm | viktorparserctf8:1.0.0 | Dec 19, 2025 |
| npm | @aa-techops-ui/ping-authentication:1.0.6 | Dec 23, 2025 |
| npm | @aa-techops-ui/ping-authentication:3.99.99 | Dec 23, 2025 |
| npm | @aa-techops-ui/ping-authentication:2.99.99 | Dec 23, 2025 |
| npm | @aa-techops-ui/ping-authentication:4.99.99 | Dec 23, 2025 |
| npm | @aa-techops-ui/ping-authentication:5.99.99 | Dec 23, 2025 |
| npm | xbox-bottomnav:99.9.9 | Dec 19, 2025 |
| npm | sarumaan_a:1.1.2 | Dec 19, 2025 |
| npm | @ikarem/telemetry:100.1.0 | Dec 19, 2025 |
| npm | @ikarem/telemetry:100.1.1 | Dec 19, 2025 |
| npm | shaktihacker2026:99.9.0 | Dec 22, 2025 |
| npm | utif-updated:99.0.0 | Dec 23, 2025 |
How We Detect Malicious Code in npm Malware and PyPI Malware
Xygeni uses multi-layered techniques to stop malicious code before it spreads. Static code analysis detects obfuscation patterns, hidden payloads, and script abuse. Behavioral sandboxing analyzes install hooks, runtime commands, and persistence tricks. Machine learning detection identifies zero-day npm malware and PyPI malware variants missed by signature scanners. Finally, the Early Warning System monitors public repositories in real time, validates findings, and alerts DevOps teams immediately.
As a result, this combination ensures developers receive fast, actionable intelligence integrated directly into CI/CD workflows.
Why Developers Should Care About Malicious npm Packages
Modern threats rarely wait for runtime. For example, malicious npm packages often execute during installation, while PyPI malicious packages hide token exfiltration or backdoors. Attackers:
- Flip private GitHub repos to public to replicate them.
- Exfiltrate credentials and secrets using encoded payloads.
- Use obfuscated JavaScript loaders to deploy ransomware or botnets.
In fact, malicious open-source packages surged 156% in one year. Therefore, teams that rely only on delayed feeds or basic scanners fall behind.
What This Malware Report Tracks in npm and PyPI
This digest is the central hub for:
- Confirmed malicious npm packages
- Confirmed PyPI malicious packages
- Behavior-based detections of malicious code
- Registry-confirmed incidents
- Weekly and monthly malware report summaries
- Historical changelog of all npm malware and PyPI malware findings
In other words, it provides a single point of reference. The research team at Xygeni updates this page weekly with links to full technical analyses and GitHub IOCs.
How to Protect Against Malicious npm Packages and PyPI Malware
Because of this growing risk, organizations need more than basic dependency checks. Strong defenses against malicious npm packages and PyPI malicious packages require both preventive controls and runtime enforcement:
Enforce Lockfile-Only Installs Against Malicious npm Packages
Use npm ci or pip install --require-hashes in CI/CD.
This ensures the exact dependency tree defined in lockfiles is used. As a result, attackers cannot slip in modified or typosquatted versions of malicious npm packages.
Pre-Install Scanning for npm Malware and PyPI Malware
Integrate Xygeni’s Early Warning Engine to scan for npm malware and PyPI malware before packages reach your environment.
Moreover, detect suspicious postinstall scripts, obfuscated loaders, or hardcoded C2 URLs.
Guardrails to Block Builds with Malicious Code
Set guardrails to fail builds automatically if confirmed malicious npm packages or PyPI malicious packages are detected.
For example, break builds on packages with unpublished maintainers, obfuscation patterns, or IOC matches. Consequently, malicious code never passes unnoticed.
Generate and Validate SBOMs Against Malicious npm Packages and PyPI Malware
Create SBOMs (CycloneDX, SPDX) for every build.
Afterward, compare them against known malicious npm packages and PyPI malware feeds to track both direct and transitive dependencies.
Credential and Token Protection from npm Malware and PyPI Malware
Many malicious npm packages try to read .npmrc, .pypirc, or environment variables.
Therefore, run builds in hardened containers with minimal secrets exposed. Additionally, use secrets managers instead of environment variables so that malicious code cannot harvest credentials from the build environment.
Monitor Registry and Maintainer Changes in Malicious npm Packages
Attackers often hijack abandoned projects.
In particular, watch for sudden maintainer swaps, unusual versioning jumps, or excessive publishes, all of which are recurring signals in npm malware and PyPI malicious packages.
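The publishing patterns described here (bursts of near-identical releases and sudden version jumps) can be checked mechanically against a package's release history. The following is an added example, not Xygeni's code or tooling; HISTORY is constructed sample data modelled on the github-badge-bot cluster above, with invented timestamps and descriptions.

```javascript
// Added example, not Xygeni's code: detect automation-style publish bursts and
// major-version jumps in one package's release history. HISTORY is constructed
// sample data (versions, timestamps and descriptions are invented for illustration).
const HISTORY = [
  { version: "1.6.0", published: "2025-12-27T10:00:00Z", description: "GitHub badge bot" },
  { version: "1.7.0", published: "2025-12-27T10:03:00Z", description: "GitHub badge bot" },
  { version: "1.8.0", published: "2025-12-27T10:06:00Z", description: "GitHub badge bot" },
  { version: "1.9.0", published: "2025-12-27T10:09:00Z", description: "GitHub badge bot" },
  { version: "2.0.0", published: "2025-12-29T15:00:00Z", description: "Badge bot v2" },
  { version: "99.9.9", published: "2025-12-30T08:00:00Z", description: "Badge bot v2" },
];

function byPublishTime(history) {
  return [...history].sort((a, b) => Date.parse(a.published) - Date.parse(b.published));
}

// A burst is a run of >= minCount consecutive releases, each published within
// maxGapMinutes of the previous one and carrying identical metadata.
function findBursts(history, maxGapMinutes = 30, minCount = 3) {
  const sorted = byPublishTime(history);
  if (sorted.length === 0) return [];
  const groups = [];
  let current = [sorted[0]];
  for (let i = 1; i < sorted.length; i++) {
    const prev = sorted[i - 1], cur = sorted[i];
    const gapMinutes = (Date.parse(cur.published) - Date.parse(prev.published)) / 60000;
    if (gapMinutes <= maxGapMinutes && cur.description === prev.description) {
      current.push(cur);
    } else {
      groups.push(current);
      current = [cur];
    }
  }
  groups.push(current);
  return groups.filter(g => g.length >= minCount).map(g => g.map(r => r.version));
}

// Flags any release whose major version jumps by more than one over its predecessor.
function versionJumps(history) {
  const sorted = byPublishTime(history);
  const jumps = [];
  for (let i = 1; i < sorted.length; i++) {
    const prevMajor = Number(sorted[i - 1].version.split(".")[0]);
    const curMajor = Number(sorted[i].version.split(".")[0]);
    if (curMajor - prevMajor > 1) jumps.push(`${sorted[i - 1].version} -> ${sorted[i].version}`);
  }
  return jumps;
}
console.log("bursts:", findBursts(HISTORY), "jumps:", versionJumps(HISTORY));
```

In practice the input would be the registry's version metadata (npm's packument or PyPI's JSON API), and the thresholds should be tuned per ecosystem.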
Developer Training on Detecting Malicious Code in npm and PyPI
Teach teams to spot red flags such as:
- Package names with typos (reqeust instead of request).
- Unusual install or prepare scripts.
- Recently created packages with suspiciously high version numbers.
Above all, this awareness helps detect malicious code early.
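The three red flags listed above can also be checked automatically against a package.json before a dependency is approved. The block below is an added example, not Xygeni's code; KNOWN_POPULAR is a constructed stand-in for a real list of widely used package names, and the SAMPLES manifests are invented.

```javascript
// Added example, not Xygeni's code: manifest red-flag heuristics for npm packages.
// KNOWN_POPULAR is a constructed allowlist standing in for a real top-N package list.
const KNOWN_POPULAR = ["request", "express", "lodash", "axios", "chalk"];
// Lifecycle hooks that run code automatically during npm install.
const LIFECYCLE = ["preinstall", "install", "postinstall", "prepare"];

// Classic Levenshtein distance, used to spot one- or two-edit typosquats.
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i]);
  for (let j = 1; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
    }
  }
  return d[a.length][b.length];
}

// Returns a list of red-flag strings for one package.json-like object.
function auditManifest(pkg) {
  const flags = [];
  const scripts = pkg.scripts || {};
  for (const hook of LIFECYCLE) {
    if (scripts[hook]) flags.push(`lifecycle script "${hook}": ${scripts[hook]}`);
  }
  // Inflated major or patch numbers are a cheap way to fake project maturity.
  const [major, , patch] = String(pkg.version || "0.0.0").split(".").map(Number);
  if (major >= 90 || patch >= 90) flags.push(`inflated version ${pkg.version}`);
  // Compare the unscoped name against well-known packages.
  const bare = String(pkg.name || "").replace(/^@[^/]+\//, "");
  for (const known of KNOWN_POPULAR) {
    const dist = editDistance(bare, known);
    if (dist > 0 && dist <= 2) flags.push(`name "${bare}" is within ${dist} edit(s) of "${known}"`);
  }
  return flags;
}

// Constructed sample manifests for demonstration.
const SAMPLES = [
  { name: "reqeust", version: "1.0.0", scripts: { postinstall: "node setup.js" } },
  { name: "xbox-bottomnav", version: "99.9.9" },
  { name: "express", version: "4.18.2", scripts: { test: "mocha" } },
];
for (const pkg of SAMPLES) console.log(pkg.name, auditManifest(pkg));
```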
Runtime Anomaly Detection for Malicious npm Packages and PyPI Malware
Even if malware bypasses static checks, runtime detection in CI/CD can catch:
- Unexpected network connections.
- File system modifications outside expected directories.
- Persistence attempts across jobs.
Finally, this ensures npm malware and PyPI malware threats are stopped even after installation.
By combining these controls, teams prevent malicious npm packages and PyPI malicious packages from ever reaching production pipelines.
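The three runtime signals listed above (unexpected network connections, writes outside expected directories, persistence attempts) map naturally onto a small policy check over install-time events. The block below is an added example, not Xygeni's code; the "kind target" event format, the allowlists and the EVENTS lines are all constructed for illustration, and a real feed would come from a sandbox or syscall tracer.

```javascript
// Added example, not Xygeni's code: a minimal runtime policy check for CI/CD
// install steps. The "kind target" event format and EVENTS are constructed.
const ALLOWED_HOSTS = ["registry.npmjs.org", "pypi.org", "files.pythonhosted.org"];
const ALLOWED_WRITE_PREFIXES = ["/workspace/node_modules/", "/workspace/.venv/", "/tmp/"];
// Files whose modification outlives the job and can hijack later builds or shells.
const PERSISTENCE_FILES = /\/(\.bashrc|\.profile|\.npmrc|\.pypirc|\.gitconfig)$/;

const EVENTS = [
  "net_connect registry.npmjs.org:443",
  "fs_write /workspace/node_modules/left-pad/index.js",
  "net_connect 203.0.113.7:8080",
  "fs_write /home/ci/.npmrc",
  "fs_write /usr/local/lib/node_modules/cli/index.js",
];

// Returns a finding string for a suspicious event, or null if it is within policy.
function evaluateEvent(line) {
  const [kind, target] = line.trim().split(/\s+/, 2);
  if (!kind || !target) return `malformed event: ${line}`;
  if (kind === "net_connect") {
    const host = target.replace(/:\d+$/, "");
    return ALLOWED_HOSTS.includes(host) ? null : `unexpected network connection to ${target}`;
  }
  if (kind === "fs_write") {
    if (PERSISTENCE_FILES.test(target)) return `persistence or credential file modified: ${target}`;
    if (!ALLOWED_WRITE_PREFIXES.some(p => target.startsWith(p))) {
      return `write outside expected directories: ${target}`;
    }
    return null;
  }
  return `unknown event kind: ${kind}`;
}

// Evaluates a whole event stream and keeps only the findings.
function evaluateEvents(lines) {
  return lines.map(evaluateEvent).filter(f => f !== null);
}

console.log(evaluateEvents(EVENTS));
```

A job that produces any finding should fail, and the findings themselves are the evidence to hand to incident response.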
Try Xygeni’s Malware Detection Tools
Xygeni delivers:
- Real-time detection of malicious code, including backdoors, spyware, and ransomware.
- Analysis across npm, PyPI, Maven, NuGet, RubyGems, and more, in contrast to basic scanners.
- Automatic build blocking when the malware report identifies risk.
- Exploitability insights, maintainer reputation checks, and anomaly detection.
Stay Informed
Our team updates this page every week. To receive alerts and detailed reports:
- Subscribe to our Newsletter
- Follow @XygeniSecurity on LinkedIn
- Bookmark this page to track the latest npm malware and PyPI malware threats