Xygeni Malicious Code Digest 4: Over 20 packages discovered

This week, we confirmed over 20 packages flagged as malicious among the thousands of analyzed new packages and updates published in the open-source package registries. 

In the latest Xygeni Malicious Code Digest, we have highlighted over 20 malicious packages that infiltrated the npm registry. This breach reveals a significant vulnerability within the software supply chain ecosystem.

Total of Malicious NPM Packages Detected

🚨 (npm) @pocdz/crm-components:3.23.0

🚨 (npm) barrio_sass:8.4.1

🚨 (npm) cta-onboard-express:2.0.0

🚨 (npm) editor-languages:1.0.1

🚨 (npm) editor-languages:1.0.3

🚨 (npm) editor-languages:1.0.4

🚨 (npm) fury-sites:1.11.6

🚨 (npm) income_access_npm_config:1.0.0

🚨 (npm) input-fns:1.0.3

🚨 (npm) link-ui-i20n:1.0.0

🚨 (npm) link-ui-i21n:1.0.0

🚨 (npm) link-ui-i22n:1.0.0

🚨 (npm) link-ui-i23n:1.0.0

🚨 (npm) link-ui-i24n:1.0.0

🚨 (npm) looleh-ts:9.9.9

🚨 (npm) skinport-rest-docs:0.0.1

🚨 (npm) syfadis.experience:1.0.0

🚨 (npm) system-info-sender:2.0.3

🚨 (npm) tcm-app-migration-miles-react:1.0.0

🚨 (npm) this-will-fail:1.0.1

🚨 (npm) walkme-killer:1.0.0

 

Protect Your Application against Malicious Open Source Dependencies 

Xygeni Early Malicious Code Detection supports you by automatically analyzing any new or updated open-source package. We notify you as soon as we detect any suspicious evidence of malware and add the dependency to a blacklist, so you can halt the automatic build or delivery of your application before there is any risk of infection.

With Early Detection and Early Warning mechanisms, Xygeni ensures the security and integrity of your applications.
