Malicious Code Digest 75

Xygeni Malicious Code Digest 75

Every week, our malware detection systems scan thousands of new and updated packages across public registries like npm and PyPI. This week was no exception.

We confirmed over 200 malicious packages between June 12t and June 19th, 2026, predominantly across npm, with additional cases in PyPI. Several appeared in coordinated clusters, repeated malicious releases published under the same names or across closely related package families.

The standout case this week was sensivity, which flooded npm with over 70 versioned releases across the 2.5.x range, confirmed across multiple days. Other notable clusters included a wave of @solana-labs typosquats targeting the Solana ecosystem (web3.js, web3-js, etherjs, spl-toke, ancor, web3js — across two separate publishing campaigns on Jun 7 and Jun 8), the @nstrlabs family (sdk, ixel, utils, shared-components, api-client, auth — dependency confusion attack against an internal package namespace), the @klapp-login-platform group (native-sdk, oidc, routes — impersonating an authentication platform), internallib_v557 and internallib_v984 (multiple versions of obfuscated internal library impostors), pocteszep (6 versions published on Jun 11), and a cluster of crypto and Web3 utilities including blockchain-helper-0, ethereum-kit-1, ethereum-kit-9, crypto-utils-7, wallet-sdk-9, defi-tools-39, swap-sdk-87, and farming-tools-12. The morningstar-design-system package appeared in three versions on Jun 10, impersonating a well-known financial design system.

From Jun 13 onward, the pace accelerated. The houzidawang806 cluster alone accounted for over 25 versions published in a single day, joined by siblings houzidawang807 and houzidawang808. The metrics-pipeline-d8k2 package was republished continuously across 21 versions between Jun 15 and Jun 18 — a sustained evasion campaign designed to stay ahead of blocklists. The friendly-greeter-demo package kept reappearing across versions throughout the week. New dependency confusion attempts surfaced under xy-shared, axl-ui, loadninja-shared, carousel-controller-mixin, token-prices-cron, hemi-supply-cron, portal-backend, vault-strategies, and several others — all carrying inflated version numbers in the 999.x range. A fresh cluster of generic utility names with random hex suffixes (color-utils-dee0, data-utils-d703, string-tools-be6c, type-check-816d, fmt-helpers-794b, metrics-probe-*) appeared on Jun 18–19, consistent with scripted bulk registration. The week closed with trimprompt, trimprompt-hub, claude-cup, and web3-crypto-address-utils confirmed on Jun 19. In PyPI, neuralbridge-sdk (five versions across 4.5.x–5.1.x), deepstrain, teambot-ai, hello-test-s1, and aiaddin-agent were confirmed across the week.

These were not isolated anomalies. What stood out this week was the concentration of dependency confusion attacks against internal package namespaces, the sustained multi-day publishing campaigns designed to outlast takedowns, the continued targeting of Web3 and DeFi tooling (a pattern that has accelerated significantly in 2026), and a growing use of generic, noise-like package names engineered to evade detection by blending into normal dependency trees.

This weekly snapshot is part of our ongoing Malicious Code Digest, where we validate new threats and provide actionable intelligence to help DevSecOps teams protect their pipelines before damage occurs. Let’s break down what we found this week and why it matters.

Ecosystem Package Confirmed
npmecto-corsair-whisper-6f3b9:1.0.18Jun 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.17Jun 12, 2026
npmecto-nightly-spirit:1.1.0Jun 12, 2026
npmecto-corsair-flag-x9m4:1.0.0Jun 12, 2026
npmecto-rust-read-f3a9c1:1.0.2Jun 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.16Jun 12, 2026
npmecto-rust-read-f3a9c1:1.0.1Jun 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.15Jun 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.14Jun 12, 2026
npminternallib_v984:1.0.3Jun 15, 2026
npminternallib_v984:1.0.4Jun 15, 2026
npminternallib_v984:1.0.2Jun 15, 2026
npminternallib_v557:1.0.4Jun 15, 2026
npminternallib_v557:1.0.7Jun 15, 2026
npminternallib_v557:1.0.9Jun 15, 2026
npminternallib_v557:1.0.10Jun 15, 2026
npminternallib_v557:1.0.15Jun 15, 2026
npminternallib_v557:1.0.16Jun 15, 2026
npminternallib_v557:1.0.18Jun 15, 2026
npmcoral-wraith:1.0.0Jun 12, 2026
npminternallib_v557:1.0.21Jun 15, 2026
npminternallib_v557:1.0.22Jun 15, 2026
npmnpm-sandbox-research-d7e8:1.0.0Jun 18, 2026
npmnpm-sandbox-research-a1b2:1.0.0Jun 18, 2026
npmnpm-sandbox-research-c5d6:1.0.0Jun 18, 2026
npmnpm-sandbox-research-9c4e:1.0.0Jun 18, 2026
npmnpm-sandbox-research-8b2f:1.0.0Jun 18, 2026
npmnpm-sandbox-research-e9f0:1.0.0Jun 18, 2026
npmnpm-sandbox-research-f1g2:1.0.0Jun 18, 2026
npmtsc-mesh:1.0.0Jun 13, 2026
npmfriendly-greeter-demo:1.0.6Jun 13, 2026
npmfriendly-greeter-demo:1.0.4Jun 13, 2026
npmfriendly-greeter-demo:1.0.3Jun 13, 2026
npmfriendly-greeter-demo:1.0.2Jun 13, 2026
npmfriendly-greeter-demo:1.0.9Jun 13, 2026
npmtsc-ai:1.2.1Jun 13, 2026
npmtsc-lotl:1.0.2Jun 13, 2026
npmtsc-mesh:1.0.1Jun 13, 2026
npmtsc-ai:1.2.0Jun 13, 2026
pypineuralbridge-sdk:4.5.4Jun 13, 2026
npmnpm-sandbox-research-g3h4:1.0.0Jun 18, 2026
npmpostinstall-logger-7x9z:1.0.0Jun 18, 2026
npmhouzidawang806:1.0.0Jun 13, 2026
pypineuralbridge-sdk:5.0.0Jun 13, 2026
pypineuralbridge-sdk:4.5.5Jun 13, 2026
npmhouzidawang806:1.0.1Jun 13, 2026
npmhouzidawang806:1.0.2Jun 13, 2026
npmhouzidawang806:1.0.3Jun 13, 2026
npmhouzidawang806:1.0.4Jun 13, 2026
npmhouzidawang806:1.0.5Jun 13, 2026
npmhouzidawang806:1.0.6Jun 13, 2026
npmhouzidawang806:1.0.7Jun 13, 2026
npmhouzidawang806:1.0.9Jun 13, 2026
npmhouzidawang806:1.1.0Jun 13, 2026
npmhouzidawang806:1.1.1Jun 13, 2026
npmhouzidawang806:1.1.2Jun 13, 2026
npmhouzidawang806:1.1.3Jun 13, 2026
npmhouzidawang806:1.1.4Jun 13, 2026
npmhouzidawang806:1.1.5Jun 13, 2026
pypineuralbridge-sdk:5.1.0Jun 13, 2026
npmhouzidawang807:1.1.6Jun 13, 2026
npmhouzidawang806:1.1.6Jun 13, 2026
npmhouzidawang808:1.0.0Jun 13, 2026
npmhouzidawang806:1.1.7Jun 13, 2026
npmhouzidawang806:1.1.8Jun 13, 2026
npmhouzidawang806:1.2.0Jun 13, 2026
pypineuralbridge-sdk:5.1.1Jun 13, 2026
npmhouzidawang806:1.2.1Jun 13, 2026
npmhouzidawang806:1.2.3Jun 13, 2026
npmhouzidawang806:1.2.4Jun 13, 2026
npmhouzidawang806:1.2.5Jun 13, 2026
npmhouzidawang806:1.2.6Jun 13, 2026
pypineuralbridge-sdk:5.1.2Jun 13, 2026
pypideepstrain:1.1.0Jun 13, 2026
npm@jisan901/teamfocus:1.0.3Jun 13, 2026
npmxy-shared:999.0.0Jun 14, 2026
npmaxl-ui:9.9.99Jun 14, 2026
npmloadninja-shared:9.9.99Jun 14, 2026
npmnpx-whoami-demo:1.0.0Jun 14, 2026
npm@jisan901/teamfocus:1.0.4Jun 14, 2026
npmnano-perf:1.0.1Jun 14, 2026
npmtn-advertisement:5.0.1Jun 14, 2026
npmkijai:0.0.2Jun 15, 2026
npmtoken-prices-cron:999.0.0Jun 15, 2026
npmhemi-supply-cron:999.0.0Jun 15, 2026
npmportal-backend:999.0.0Jun 15, 2026
npmvault-strategies:999.0.0Jun 15, 2026
npmhemi-earn-actions:999.0.0Jun 15, 2026
npmvaults-monitor-cron:999.0.0Jun 15, 2026
npmve-hemi-rewards:999.0.0Jun 15, 2026
npmnic-datagov:1.0.0Jun 16, 2026
npmogd-analytics:1.0.0Jun 16, 2026
npmogd-platform:1.0.0Jun 16, 2026
npmdms-backend:1.0.0Jun 16, 2026
npmfriendly-greeter-demo:1.0.10Jun 16, 2026
npmfriendly-greeter-demo:1.0.11Jun 16, 2026
npmcardano-addresses-docs:1.0.1Jun 16, 2026
npmbodega-sdk:9.9.9Jun 16, 2026
npmflow-lending-sdk:9.9.9Jun 16, 2026
npmflow-lending:9.9.9Jun 16, 2026
npmsurf-lending:9.9.9Jun 16, 2026
npmjanus-ft:1.0.0Jun 16, 2026
npmjanus-flow:1.0.0Jun 16, 2026
npmjanus-erc20:1.0.0Jun 16, 2026
npmflowcardano:9.9.9Jun 16, 2026
npmflowdefi:9.9.9Jun 16, 2026
pypihello-test-s1:0.3.1Jun 16, 2026
npmpkg-telemetry-r4f9:1.0.0Jun 18, 2026
npmmailconfirmer:3.3.46Jun 16, 2026
npmcarousel-controller-mixin:999.0.0Jun 16, 2026
npmruntime-metrics-w7k2:1.0.0Jun 18, 2026
npmmailconfirmer:3.3.48Jun 16, 2026
npmbuild-tracker-n5p1:1.0.0Jun 16, 2026
npmnpm-sandbox-ping-r9t2:1.0.0Jun 18, 2026
npmevent-metrics-q3x7:1.0.2Jun 16, 2026
npmevent-metrics-q3x7:1.0.1Jun 16, 2026
npmevent-metrics-q3x7:1.0.0Jun 16, 2026
npmevent-metrics-q3x7:1.0.3Jun 16, 2026
npmevent-metrics-q3x7:1.0.4Jun 16, 2026
npmevent-metrics-q3x7:1.0.5Jun 16, 2026
npmevent-metrics-q3x7:1.0.6Jun 16, 2026
npmevent-metrics-q3x7:1.0.7Jun 16, 2026
npmevent-metrics-q3x7:1.0.8Jun 16, 2026
npmmetrics-pipeline-d8k2:1.0.0Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.1Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.2Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.3Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.4Jun 18, 2026
pypiteambot-ai:1.48.0Jun 17, 2026
npmmetrics-pipeline-d8k2:1.0.5Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.6Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.7Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.8Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.9Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.10Jun 18, 2026
npmfriendly-greeter-demo:1.0.13Jun 17, 2026
npmfriendly-greeter-demo:1.0.14Jun 17, 2026
npmmetrics-pipeline-d8k2:1.0.11Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.12Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.13Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.14Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.15Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.16Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.17Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.18Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.19Jun 18, 2026
npmmetrics-pipeline-d8k2:1.0.20Jun 18, 2026
npmcryptodao-contracts:99.99.99Jun 17, 2026
npmcryptodao-types:99.99.99Jun 17, 2026
npmcryptodao-config:99.99.99Jun 17, 2026
npmcryptodao-utils:99.99.99Jun 17, 2026
npmcryptodao-backend:99.99.99Jun 17, 2026
npmcryptodao-sdk:99.99.99Jun 17, 2026
npmcryptodao-core:99.99.99Jun 17, 2026
npmcryptodao-bot:99.99.99Jun 17, 2026
npmcryptodao-signer:99.99.99Jun 17, 2026
npmcryptodao-deploy:99.99.99Jun 17, 2026
npmmetrics-probe-64b2:1.0.0Jun 18, 2026
npmmetrics-probe-dc85:1.0.0Jun 18, 2026
npmmetrics-probe-77d4:1.0.0Jun 18, 2026
npm@public-for-cdao/core:99.99.99Jun 17, 2026
npmmetrics-probe-88ad:1.0.0Jun 18, 2026
npmwrspati:0.1.0Jun 18, 2026
npmebpf-tracker-action:1.0.1Jun 18, 2026
npm@azure-lab-services/ml-ts:99.0.0Jun 18, 2026
npmlab-services:99.0.0Jun 18, 2026
npmscan-only:0.4.5Jun 18, 2026
npmscan-only:0.4.6Jun 18, 2026
npmscan-only:0.4.7Jun 18, 2026
npmscan-only:0.4.8Jun 18, 2026
npm@muaththir/api:2.0.0Jun 18, 2026
npmbackoffice-charges-module:2.999.1Jun 18, 2026
npmbackoffice-charges-module:2.999.0Jun 18, 2026
npmscan-only:0.4.9Jun 18, 2026
npmscan-only:0.5.0Jun 18, 2026
npmscan-only:0.5.1Jun 18, 2026
npmscan-only:1.0.0Jun 18, 2026
npmnano-perf:2.0.0Jun 18, 2026
npmnano-perf:2.0.1Jun 18, 2026
npmnano-perf:2.1.0Jun 18, 2026
npmnano-perf:2.2.0Jun 18, 2026
npmmetrics-probe-f256:1.0.0Jun 18, 2026
npmcolor-utils-dee0:1.0.0Jun 18, 2026
npmdata-utils-d703:1.0.0Jun 18, 2026
npmstring-tools-be6c:1.0.0Jun 18, 2026
npmtype-check-816d:1.0.0Jun 18, 2026
npmfmt-helpers-794b:1.0.0Jun 18, 2026
npmdatacamp-light:1.0.0Jun 18, 2026
npmdata-utils-bcf2:1.0.0Jun 19, 2026
npmstream-read-35cf:1.0.0Jun 19, 2026
npmdelta-time-32bb:1.0.0Jun 19, 2026
npmsafe-json-38bd:1.0.0Jun 19, 2026
npmhex-conv-ae7a:1.0.0Jun 19, 2026
npmbuffer-wrap-67d7:1.0.0Jun 19, 2026
npmtrimprompt:1.0.2Jun 19, 2026
npmtrimprompt:1.0.4Jun 19, 2026
npmtrimprompt-hub:1.0.1Jun 19, 2026
npmclaude-cup:0.8.6Jun 19, 2026
pypiaiaddin-agent:0.1.0Jun 19, 2026
npmweb3-crypto-address-utils:0.1.0Jun 19, 2026

Don’t Let Coordinated Campaigns Reach Your Pipelines

This week’s digest was not about a single threat;  it was about scale. Over 200 confirmed packages, sustained version flooding across multiple days, and scripted bulk registration campaigns running faster than manual reviews can track. The attackers are not waiting for you to catch up.

Xygeni Early Malware Detection monitors npm, PyPI, and other registries continuously, flagging threats at the moment of publication, not after they’ve landed in a build. When a campaign publishes 21 versions of the same malicious package across four days, a weekly scan catches nothing in time.

Xygeni’s Open Source Security solution gives your DevSecOps teams the real-time visibility and prioritization they need to stay ahead of exactly this kind of coordinated pressure,  so your pipelines stay clean without slowing your teams down.

sca-tools-software-composition-analysis-tools
Prioritize, remediate, and secure your software risks
Get your Free Account.
No credit card required.

Secure your Software Development and Delivery

with Xygeni Product Suite