Resum de codi maliciós del maig

Resum mensual de Malicious Code Digest: maig

Welcome to the May edition of the Xygeni Malicious Code Digest. This month, our security research team continued tracking the evolving landscape of software supply chain threats across public package registries, developer tooling, AI-assisted workflows, and modern CI/CD environments. Throughout May, Xygeni identified and validated hundreds of malicious packages targeting npm, PyPI, VS Code, and OpenVSX ecosystems.

But May was not only about volume. It was also a month where attackers increasingly adapted their tradecraft to AI-native development environments, developer trust assumptions, and automated pipelines.

Among the most notable investigations published by the Xygeni Security Team this month:

  • JulesJacker, a multi-stage npm malware campaign impersonating Google’s Jules AI agent to steal repositories, abuse CI/CD environments, and even target the sandbox analyzing it. The campaign introduced encrypted host-gated loaders, forged google-labs-jules[bot] commits, cloud metadata theft, and Kubernetes reconnaissance against analysis infrastructure itself.
  • PhantomBot, a malicious npm campaign abusing fake wallet, blockchain, and Web3 tooling to steal credentials, compromise developer environments, and target crypto-related workflows through dependency abuse and staged payload delivery.
  • A large-scale malicious npm ecosystem abusing fake TypeScript utilities, AI-themed packages, internal tooling impersonation, frontend libraries, cloud helpers, and builder frameworks to fingerprint environments, exfiltrate credentials, deploy persistence, and compromise developer systems.
  • Continued waves of malicious packages leveraging dependency confusion, typosquatting, postinstall abuse, AI-tool impersonation, version inflation, and repeated namespace abuse designed to bypass developer trust heuristics and compromise modern SDLC workflows before detection.
  • The discovery of cross-platform malware campaigns such as the @jaggle/resizeobserves clipboard hijacker, which impersonated a legitimate package while deploying Python-based persistence and crypto-wallet clipboard substitution across Linux, macOS, and Windows systems.

Throughout the month, we also observed a growing convergence between AI tooling, open-source ecosystems, and software supply chain attacks. Threat actors increasingly targeted AI-assisted development workflows, agent environments, copilots, and cloud-native build pipelines as part of broader credential theft and repository compromise operations.

These attacks are no longer isolated cases of simple typosquatting. They involve coordinated publishing campaigns, automated version bursts, cloud token theft, CI/CD abuse, encrypted payload staging, sandbox evasion, and persistent compromise techniques specifically designed to blend into trusted developer ecosystems.

This monthly update is part of Xygeni’s ongoing malware and supply chain threat research initiative, where our team continuously validates malicious packages, investigates emerging attack patterns, and publishes actionable intelligence to help security, AppSec, and DevSecOps teams stay ahead of evolving supply chain risk.

For full context across every malicious package, malware campaign, and threat analysis published this month, explore the complete May Malicious Code Digest and related research from the Xygeni Security Team.

Setmana 4: Més de 104 paquets descoberts

Ecosistema paquet Data
npm@gbrlxvii/ts-form-utils:4.6.0Pot 25, 2026
npm@gbrlxvii/ts-form-utils:4.7.0Pot 25, 2026
npmpi-ocr:0.2.0Pot 25, 2026
npm@jaggle/resizeobserves:1.0.11Pot 25, 2026
npmfnd-stores:0.0.7Pot 25, 2026
npm@gbrlxvii/ts-project-lint:1.7.0Pot 25, 2026
npm@gbrlxvii/ts-project-lint:1.8.0Pot 25, 2026
npmsystem-user-identifier-cli:7.0.0Pot 26, 2026
npm@jaggle/resizeobserves:1.0.13Pot 26, 2026
npm@jaggle/resizeobserves:1.0.12Pot 26, 2026
npm@jaggle/resizeobserves:1.0.15Pot 26, 2026
npm@jaggle/resizeobserves:1.0.14Pot 26, 2026
npm@jaggle/resizeobserves:1.0.16Pot 26, 2026
npm@jaggle/resizeobserves:1.0.19Pot 26, 2026
npm@jaggle/resizeobserves:1.0.17Pot 26, 2026
npm@jaggle/resizeobserves:1.0.18Pot 26, 2026
npm@jaggle/resizeobserves:1.0.20Pot 26, 2026
npmintl-ads:99.0.1Pot 26, 2026
npmtempo-layout:99.0.0Pot 26, 2026
npmtempo-layout:99.0.2Pot 26, 2026
npmitc-actors-api:99.0.0Pot 26, 2026
npmwalmart-shared-modules:99.0.1Pot 26, 2026
npmwml-components:99.0.1Pot 26, 2026
npmplatform-tempo:99.0.1Pot 26, 2026
npmwml-core:99.0.1Pot 26, 2026
npm@izumiswap/sdk:3.0.3Pot 26, 2026
npm@izumiswap/sdk:3.0.4Pot 26, 2026
npm@izumiswap/sdk:3.0.5Pot 26, 2026
npmjson-a-simple-graphql-schema:1.0.0Pot 26, 2026
npmreactive-cdk-app:1.0.1Pot 27, 2026
npmmmt-static:1.0.0Pot 27, 2026
npmreactive-cdk-app:1.0.4Pot 27, 2026
npmcdk-sagemaker-notebook-workflow:1.0.3Pot 27, 2026
npmdiscovery-build:1.0.0Pot 27, 2026
pipiworldofkanga:1.0.4Pot 27, 2026
npmforge-jsxy:1.0.92Pot 27, 2026
npm@gs-select/savings-client-application:99.0.0Pot 27, 2026
npmforge-jsxy:1.0.105Pot 27, 2026
npmforge-jsxy:1.0.107Pot 27, 2026
npmforge-jsxy:1.0.108Pot 27, 2026
npmeditorial-mse-authentication-ui:99.0.1Pot 28, 2026
npmeditorial-code:99.0.1Pot 28, 2026
npmmse-tool-components:99.99.100Pot 28, 2026
npmforge-jsxy:1.0.120Pot 28, 2026
npm@gbrlxvi/ts-form-utils:1.0.0Pot 29, 2026
vscoderudranex-developer-assistant:1.0.1Pot 29, 2026
npmnemo-reporter:1.8.2Pot 29, 2026
npm@qlab/ui:2.0.5Pot 29, 2026
npmforge-jsxy:1.0.121Pot 29, 2026
npm@qlab/ui:2.0.6Pot 29, 2026
npm@qlab/component-intelligence:2.0.6Pot 29, 2026
npmsearch-engine-setup:1.0.9106Pot 29, 2026
npmopensearch-setup-tool:1.0.9107Pot 29, 2026
npm@0xlr/vercel-analytics:999.0.0Pot 29, 2026
npm@0xlr/stripe-frontend:999.0.0Pot 29, 2026
npm@0xlr/stripe-checkout-js:999.0.0Pot 29, 2026
npm@0xlr/sentry-web:999.0.0Pot 29, 2026
npm@0xlr/clerk-auth:999.0.0Pot 29, 2026
npm@0xlr/supabase-db:999.0.0Pot 29, 2026
npm@0xlr/prisma-client-js:999.0.0Pot 29, 2026
npm@flexspec/cli:0.3.1-dev.26612027722Pot 29, 2026
npm@cloudplatform-single-spa/administració:99.99.100Pot 30, 2026
npm@cloudplatform-single-spa/svp-s3-storage:99.99.100Pot 30, 2026
npm@maximvs1538/os-npm:99.0.0Pot 30, 2026
npm@rutes-d'entrada-fàcil/aterratge:99.9.5Pot 30, 2026
npm@easy-entry/outside-registration-fop-navigator:99.9.5Pot 30, 2026
npm@entrada-fàcil/rutes:99.9.5Pot 30, 2026
npmcms-github:4.2.4Pot 30, 2026
npm@t-in-one/form_product_token:5.7.1Pot 30, 2026
npm@capibar.chat/ui-kit:99.5.7Pot 30, 2026
npmcms-helpgit:4.2.6Pot 30, 2026
npmcms-helpgit:4.2.8Pot 30, 2026
vscodexampp-manager:5.1.3Pot 30, 2026
npm@chat-template/auth:1.0.0Pot 31, 2026
npmcms-storehub:1.3.4Pot 31, 2026
npmcms-storehub:1.3.5Pot 31, 2026
npmfront-end de l'estratègia d'ubicació comercial: 1.1.1Pot 31, 2026
npmfront-end de l'estratègia d'ubicació comercial: 1.1.2Pot 31, 2026
npmcms-storehub:1.3.6Pot 31, 2026
pipisimtooreal-cli:0.3.0Juny 01, 2026
npmconversa-sdk:2.0.2Juny 01, 2026
npmveltrix:9.0.0Juny 01, 2026
npmjingmeideshishi:1.0.4Juny 01, 2026
npm@tse-digital/core:99.0.0Juny 01, 2026
npm@telenor-se/core:99.0.0Juny 01, 2026
npm@ownit/core:99.0.0Juny 01, 2026
npmjingmeideshishi:1.0.5Juny 01, 2026
npmdocuments del pacient: 75.0.0Juny 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.69Juny 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.68Juny 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.82Juny 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.80Juny 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.81Juny 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.83Juny 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.3Juny 01, 2026
npmveltrix:9.0.1Juny 01, 2026
npm@emcd-vue/auth:6.4.9Juny 01, 2026
npm@emcd-vue/b2b-pay-form:5.7.4Juny 01, 2026

Setmana 3: Més de 106 paquets descoberts

Ecosistema paquet Data
npmerslove:1.22.12Pot 16, 2026
npmdit-envv:17.4.2Pot 16, 2026
npmbriantreehttp:0.4.0Pot 16, 2026
npmcheaty-sync-bot:1.0.0Pot 16, 2026
openvsxbingcha/bcai-tools:4.0.35Pot 16, 2026
npmhello-world-pkg-value-value-p:1.0.11Pot 16, 2026
npmhello-world-pkg-value-value-p:1.0.8Pot 16, 2026
npmhello-world-pkg-value-value-p:1.0.9Pot 16, 2026
npmhello-world-pkg-value-value-p:1.0.12Pot 16, 2026
npmaxois-utils:1.0.6Pot 16, 2026
npmaxois-utils:1.0.4Pot 16, 2026
npmventuro-playwright-core:1.0.8Pot 16, 2026
npmchalk-tempalte:1.0.16Pot 16, 2026
npmchalk-tempalte:1.0.14Pot 16, 2026
npmchalk-tempalte:1.0.20Pot 17, 2026
npmchalk-tempalte:1.0.19Pot 17, 2026
npmaxois-utils:1.0.9Pot 17, 2026
npm@rocketreach/rr-components:9999.0.0Pot 17, 2026
npm@cplace-paw-fe/cf-training-extended:2.0.4Pot 18, 2026
npmsmtp-test-server-node:99.2.1Pot 18, 2026
npmsmtp-test-server-node:99.2.2Pot 18, 2026
npm@lir-portal/web-components:2.0.4Pot 18, 2026
npm@zentrafinance/contracts:1.0.3Pot 18, 2026
npm@zentrafinance/protocol-config:1.0.3Pot 18, 2026
npm@zentrafinance/sdk:1.0.3Pot 18, 2026
npm@zentrafinance/types:1.0.3Pot 18, 2026
npm@zentrafinance/types:1.0.5Pot 18, 2026
npm@zentrafinance/protocol-config:1.0.6Pot 18, 2026
npm@zentrafinance/sdk:1.0.6Pot 18, 2026
npm@zentrafinance/types:1.0.7Pot 18, 2026
npmclementine-sdk:2.0.0Pot 18, 2026
npmcitrea-utils:2.0.0Pot 18, 2026
npm@zentrafinance/protocol-config:2.0.1Pot 18, 2026
npm@zentrafinance/sdk:2.0.0Pot 18, 2026
npm@zentrafinance/types:2.0.1Pot 18, 2026
npm@zentrafinance/types:2.0.0Pot 18, 2026
npmbui-react-10hooks: 99.0.0Pot 18, 2026
npmbui-react-10components:99.0.0Pot 18, 2026
npm@deadcode09284814/axios-util:1.0.1Pot 18, 2026
npm@deadcode09284814/axios-util:1.0.0Pot 18, 2026
npmcolor-style-utils:1.0.7Pot 18, 2026
npmnode-env-resolve:1.2.0Pot 18, 2026
npm@easytipsportal/node-helper:1.0.1Pot 18, 2026
npm@zentrafinance/contracts:2.0.2Pot 18, 2026
npmcitrea-sdk:2.0.2Pot 18, 2026
npmclementine-sdk:2.0.2Pot 18, 2026
npmcitrea-bridge:2.0.2Pot 18, 2026
npmcitrea-utils:2.0.2Pot 18, 2026
npm@zentrafinance/types:2.0.2Pot 18, 2026
npmapexomni-node:1.0.0Pot 19, 2026
npmapex-trading:1.0.0Pot 19, 2026
npmapex-trading:1.0.1Pot 19, 2026
npmapex-connector:1.0.4Pot 19, 2026
npmapexpro-node:1.0.2Pot 19, 2026
npmapex-connector:1.0.3Pot 19, 2026
npmapexomni-node:1.0.2Pot 19, 2026
npmapex-trading:1.0.2Pot 19, 2026
npmapexpro-node:1.0.3Pot 19, 2026
npmforge-jsxy:1.0.81Pot 19, 2026
npmforge-jsxy:1.0.90Pot 19, 2026
npmsickle-wrapper:0.2.1Pot 20, 2026
npm@doctolib-apps/native-personalized-services:99.99.99Pot 21, 2026
npm@doctolib-apps/native-personalized-services:1.0.0Pot 21, 2026
npm@doctolib-apps/native-personalized-services:1.0.1Pot 21, 2026
pipikanga-hack:1.0.4Pot 21, 2026
pipilibhmac:0.8.28.1Pot 21, 2026
npm@limebike/supreme-data-grid:85.14.44Pot 21, 2026
npm@limebike/supreme-date-pickers:85.14.44Pot 21, 2026
npm@limebike/supreme-data-grid:85.14.48Pot 21, 2026
pipiai-prishtina-agentic-kag:0.1.0Pot 21, 2026
npmhehehe:1.0.7Pot 21, 2026
npmdefi-threat-scanner:2.1.2Pot 22, 2026
npmdeployment-key-auditor:0.7.3Pot 22, 2026
npmeth-wallet-sentinel:1.0.9Pot 22, 2026
npmweb3-secrets-detector:1.2.6Pot 22, 2026
npmsolidity-deploy-guard:0.4.4Pot 22, 2026
npmmnemonic-safety-check:0.5.2Pot 22, 2026
npmcrypto-credential-scanner:2.0.2Pot 22, 2026
npmvalidador-de-claus-de-cadena:0.2.3Pot 22, 2026
npmvalidador-de-claus-de-cadena:0.2.4Pot 22, 2026
npmdefi-env-auditor:0.3.3Pot 22, 2026
npmdeployment-key-auditor:1.8.2Pot 22, 2026
npmdefi-env-auditor:1.4.2Pot 22, 2026
npmsolidity-deploy-guard:1.5.2Pot 22, 2026
npmwallet-security-checker:2.1.3Pot 22, 2026
npmsolidity-deploy-guard:1.5.3Pot 22, 2026
npm@jaggle/resizeobserves:1.0.1Pot 22, 2026
npm@jaggle/resizeobserves:1.0.3Pot 22, 2026
npm@jaggle/resizeobserves:1.0.2Pot 22, 2026
npm@jaggle/resizeobserves:1.0.5Pot 22, 2026
npm@jaggle/resizeobserves:1.0.6Pot 22, 2026
npmdefi-threat-scanner:3.2.5Pot 22, 2026
npmdefi-threat-scanner:3.2.4Pot 22, 2026
npmdefi-env-auditor:1.4.9Pot 22, 2026
npmweb3-secrets-detector:2.3.6Pot 22, 2026
npmwallet-security-checker:2.1.6Pot 22, 2026
npmmnemonic-safety-check:4.0.0Pot 22, 2026
npmeth-wallet-sentinel:4.0.0Pot 22, 2026
npm@jaggle/resizeobserves:1.0.7Pot 22, 2026
npm@jaggle/resizeobserves:1.0.8Pot 22, 2026
npm@jaggle/resizeobserves:1.0.4Pot 22, 2026

Setmana 2: Més de 95 paquets descoberts

Ecosistema paquet Data
npmwin-env-setup:3.0.5Pot 11, 2026
npmreact-icon-svgs:1.0.1Pot 11, 2026
npmmoney-badger-open-rpc:201.99.100Pot 11, 2026
npmserverless-env-utils:1.0.0Pot 11, 2026
npmserverless-env-utils:1.0.2Pot 11, 2026
npmserverless-env-utils:1.0.3Pot 11, 2026
npmsahrbrucecode32:1.0.0Pot 11, 2026
npmclaw_messenger:0.0.71Pot 11, 2026
npm@gbrlxvii/ts-form-utils:2.7.0Pot 11, 2026
npmpost-purchase-bundler:99.9.19Pot 11, 2026
npmpost-purchase-bundler:99.9.26Pot 11, 2026
npmpost-purchase-bundler:100.0.1Pot 11, 2026
npmpost-purchase-bundler:101.0.3Pot 11, 2026
npmrsflows-pexml:99.9.15Pot 11, 2026
npmrsflows-pexml:99.9.20Pot 11, 2026
npmpost-purchase-bundler:102.0.3Pot 11, 2026
npmrsflows-pexml:99.9.25Pot 11, 2026
npmpost-purchase-bundler:1.99.0Pot 11, 2026
npmslow-surf:10.0.0Pot 11, 2026
npmerslove:1.22.12Pot 11, 2026
npmdit-envv:17.4.2Pot 11, 2026
npmhehehe:1.0.4Pot 11, 2026
npm@gbrlxvii/ts-form-utils:3.7.0Pot 11, 2026
npmclaw_messenger:0.0.74Pot 11, 2026
openvsxwhatwedo/twig:1.2.7Pot 11, 2026
openvsxgeorge-alisson/html-preview-vscode:1.2.7Pot 11, 2026
openvsxsohibe/java-generate-setters-getters:9.0.2Pot 11, 2026
npmbyvendors:99.0.6Pot 11, 2026
npmbriantreehttp:0.4.0Pot 11, 2026
npmnoon-contracts:1.0.0Pot 12, 2026
npm@draftlab/db:0.16.1Pot 12, 2026
npm@uipath/uipath-python-bridge:1.0.1Pot 12, 2026
npm@uipath/aops-policy-tool:0.3.1Pot 12, 2026
npm@uipath/codedagent-tool:1.0.1Pot 12, 2026
npm@uipath/gov-tool:0.3.1Pot 12, 2026
npm@uipath/telemetry:0.0.7Pot 12, 2026
npm@uipath/admin-tool:0.1.1Pot 12, 2026
npm@uipath/codedapp-tool:1.0.1Pot 12, 2026
npm@uipath/insights-sdk:1.0.1Pot 12, 2026
npm@uipath/tool-workflowcompiler:0.0.12Pot 12, 2026
npm@uipath/project-packager:1.1.16Pot 12, 2026
npm@uipath/access-policy-sdk:0.3.1Pot 12, 2026
npm@uipath/vertical-solutions-tool:1.0.1Pot 12, 2026
npm@uipath/integrationservice-sdk:1.0.2Pot 12, 2026
npm@uipath/access-policy-tool:0.3.1Pot 12, 2026
npm@uipath/resourcecatalog-tool:0.1.1Pot 12, 2026
npm@uipath/agent-tool:1.0.1Pot 12, 2026
npm@uipath/api-workflow-tool:1.0.1Pot 12, 2026
npm@uipath/tasks-tool:1.0.1Pot 12, 2026
npm@uipath/solution-tool:1.0.1Pot 12, 2026
npm@uipath/vss:0.1.6Pot 12, 2026
npm@tallyui/components:1.0.1Pot 12, 2026
npm@squawk/flight-math:0.5.4Pot 12, 2026
npm@squawk/weather:0.5.6Pot 12, 2026
npm@mistralai/mistralai-gcp:1.7.1Pot 12, 2026
npm@mesadev/saguaro:0.4.22Pot 12, 2026
npmdpdgroupuk:0.0.1Pot 12, 2026
npm@cplace-paw-fe/cf-training-extended:2.0.4Pot 12, 2026
npm@jacobson1977/hp-setup:2.0.2Pot 14, 2026
npm@jacobson1977/hp-setup:2.0.5Pot 14, 2026
npm@jacobson1977/hp-setup:2.0.6Pot 14, 2026
npm@jacobson1977/hp-setup:2.0.7Pot 14, 2026
npm@jacobson1977/hp-setup:2.0.8Pot 14, 2026
npm@jacobson1977/hp-setup:2.0.9Pot 14, 2026
npm@jacobson1977/hp-setup:2.1.0Pot 14, 2026
npmconfiguració de hp:4.0.1Pot 14, 2026
npmconfiguració de hp:4.0.2Pot 14, 2026
npmconfiguració de hp:4.1.0Pot 14, 2026
npmconfiguració de hp:4.1.3Pot 14, 2026
npmconfiguració de hp:4.1.4Pot 14, 2026
npmconfiguració de hp:4.1.5Pot 14, 2026
npmconfiguració de hp:4.1.6Pot 14, 2026
npmconfiguració de hp:4.1.8Pot 14, 2026
npmconfiguració de hp:4.1.19Pot 14, 2026
npmconfiguració de hp:4.1.20Pot 14, 2026
npmconfiguració de hp:4.2.0Pot 14, 2026
npmhousecallpro:1.0.1Pot 14, 2026
pipiai-spellcheckers:1.0.0Pot 14, 2026
pipicicada-tg:0.3.6Pot 14, 2026
npmsmtp-test-server-node:99.2.1Pot 14, 2026
npmsmtp-test-server-node:99.2.2Pot 14, 2026
npm@lir-portal/web-components:2.0.4Pot 14, 2026
npmdotenvv-tool:1.0.1Pot 14, 2026
npmrimraf-utils:1.0.1Pot 14, 2026
npmexxpress-tool:1.0.0Pot 14, 2026
npmexxpress-tool:1.0.1Pot 14, 2026
npmexxpress-utils:1.0.1Pot 14, 2026
npm@design-system-coopeuch/web:999.0.4Pot 14, 2026
npm@design-system-coopeuch/web:999.0.3Pot 14, 2026
npm@design-system-coopeuch/web:999.0.2Pot 14, 2026
pipipyexecutorsme:0.1.0Pot 15, 2026
pipipyexecutorsme:0.1.2Pot 15, 2026
npmhello-world-pkg-value-value-p:1.0.7Pot 15, 2026
npmhello-world-pkg-value-value-p:1.0.10Pot 15, 2026
npmaxon-enterprise: 1.0.0Pot 15, 2026

Setmana 1: Més de 158 paquets descoberts

Ecosistema paquet Data
npm@apple-pay-trust/cancel·lat:99.0.3Pot 01, 2026
npmapple-internal-security-library-v99:100.0.1Pot 01, 2026
npmfiat-token-admin:99.1.1Pot 01, 2026
npmstellar-stablecoin-scripts:99.1.0Pot 01, 2026
npmnode-red-contrib-fox-control-admin:2.0.3Pot 01, 2026
npmnode-red-contrib-fox-control-admin:2.0.4Pot 01, 2026
npmnode-red-contrib-fox-control-admin:2.0.7Pot 01, 2026
npmblackbeards-navigator:211.0.0Pot 01, 2026
npmblackbeards-navigator:212.0.0Pot 01, 2026
npmblackbeards-navigator:213.0.0Pot 01, 2026
npmblackbeards-navigator:217.0.0Pot 01, 2026
npmblackbeards-navigator:220.0.0Pot 01, 2026
npmblackbeards-navigator:221.0.0Pot 01, 2026
npmblackbeards-navigator:222.0.0Pot 01, 2026
npmsirens-lament:211.0.0Pot 01, 2026
npmsirens-lament:212.0.0Pot 01, 2026
npmsirens-lament:213.0.0Pot 01, 2026
npmgunpowder-ghost:212.0.0Pot 01, 2026
npmgunpowder-ghost:219.0.0Pot 01, 2026
npmcodewhisperer-streaming:1.0.15Pot 02, 2026
npmshadxino:1.0.5Pot 02, 2026
npmamazon-data-kiosk-monorepo:1.0.10Pot 02, 2026
npmclaude-code-best:2.0.1Pot 03, 2026
npmapexpro:99.99.99Pot 03, 2026
npmapexomni:99.99.99Pot 03, 2026
npmapexomni:99.99.100Pot 03, 2026
npmapexpro:99.99.100Pot 03, 2026
npmnode-env-resolve:1.0.7Pot 03, 2026
npmnode-env-resolve:1.0.8Pot 03, 2026
npm@xp-utilities/web:99.0.0Pot 03, 2026
npmnextjs-chat-with-ai-service:99.9.9Pot 03, 2026
npm@alfa.life.mapp/app.web:99.0.13Pot 04, 2026
npm@alfa.life.mapp/app.web:99.0.14Pot 04, 2026
npm@alfa.life.mapp/app.web:99.0.15Pot 04, 2026
npm@alfa.life.mapp/app.web:99.0.16Pot 04, 2026
npm@alfa.life.mapp/app.web:99.0.17Pot 04, 2026
npm@alfa.life.mapp/app.web:99.0.19Pot 04, 2026
npm@sbt_gitverse/analytics-client:99.0.1Pot 04, 2026
npm@sbt_gitverse/analytics-client:99.0.4Pot 04, 2026
npm@sbt_gitverse/analytics-client:99.0.5Pot 04, 2026
npm@tochka-ui/foundation:99.0.2Pot 04, 2026
npm@tochka-ui/foundation:99.0.3Pot 04, 2026
npm@tochka-ui/foundation:99.0.4Pot 04, 2026
npmkl-b2c-ui-kit:99.0.1Pot 04, 2026
npmkl-b2c-ui-kit:99.0.2Pot 04, 2026
npmkl-b2c-ui-kit:99.0.3Pot 04, 2026
npmpi-exa-mcp:99.9.11Pot 04, 2026
npmpi-exa-mcp:99.9.12Pot 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.26Pot 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.33Pot 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.34Pot 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.35Pot 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.37Pot 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.38Pot 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.51Pot 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.53Pot 04, 2026
npmpaypal-payouts-bridge:99.9.9Pot 04, 2026
npmpaypal-payouts-bridge:100.1.1Pot 04, 2026
npmpaypal-payouts-bridge:100.1.4Pot 04, 2026
npmpaypal-payouts-bridge:100.1.6Pot 04, 2026
npmpaypal-payouts-bridge:100.1.9Pot 04, 2026
npmpaypal-payouts-bridge:100.2.8Pot 04, 2026
npmmicrosoft-empleat-experience:99.2.2Pot 05, 2026
npmcarp-shield:0.1.0Pot 05, 2026
npmfanduel:100.5.0Pot 05, 2026
npmexiouss:1.0.6Pot 05, 2026
npmenterprise-auth-gateway-core:50.50.50Pot 06, 2026
npm@saif777/codemirror5:7.66.4Pot 06, 2026
npm@saif777/codemirror5:7.66.5Pot 06, 2026
npmfeature-flag-service:2.0.1Pot 06, 2026
npmfeature-flag-service:2.0.2Pot 06, 2026
npmfeature-flag-service:2.0.3Pot 06, 2026
npmsort-btree:2.1.2Pot 06, 2026
npmviem-core:1.0.0Pot 06, 2026
npmviem-utils-core:1.0.0Pot 06, 2026
npmhardhat-core-utils:1.0.0Pot 06, 2026
npmveltrix:1.0.0Pot 06, 2026
npmevm-utils:1.0.0Pot 06, 2026
npmweb3-utils-core:1.0.0Pot 06, 2026
npmfoundry-utils:1.0.0Pot 06, 2026
npmcarboniteapp:99.9.0Pot 07, 2026
npmcarbonite-internal:99.9.0Pot 07, 2026
npmmoney-badger-open-rpc:200.99.100Pot 07, 2026
npm24712-pl5006:0.0.1Pot 07, 2026
openvsxeriklynd/json-tools:20.1.2Pot 07, 2026
npminvixco:1.0.4Pot 07, 2026
npmwin-sys-health-agent:1.0.2Pot 08, 2026
npmwin-env-setup:3.0.6Pot 08, 2026
npmwin-sys-health-agent:1.0.3Pot 08, 2026

Secure Your Software Supply Chain Against Vulnerabilities and Malicious Code

Software supply chain attacks are no longer theoretical threats. Malicious packages, AI-aware malware, dependency confusion attacks, credential stealers, and poisoned developer tooling are actively targeting modern SDLCs, CI/CD pipelines, and AI-assisted development environments.

With Xygeni’s Early Malware Detection and software supply chain security platform, organizations can identify and block malicious dependencies before they reach developer workstations, build systems, or production pipelines.

Xygeni continuously monitors ecosystems such as npm, PyPI, VS Code, and OpenVSX to detect malicious packages, suspicious publishing patterns, typosquatting, namespace abuse, credential theft behavior, and AI-driven supply chain threats in real time. Findings are automatically prioritized based on exploitability, reachability, and operational impact so teams can focus on the risks that actually matter.

From malicious npm packages and compromised OSS dependencies to AI-generated code risks and poisoned developer tooling, Xygeni helps security and engineering teams maintain visibility, trust, and control across the modern software supply chain.

To explore the latest malware campaigns and validated malicious packages discovered by the Xygeni Security Team, visit the complete Resum de codi maliciós.

Mantingueu-vos segurs. Mantingueu-vos ràpids. Mantingueu el control amb Xygeni.

sca-tools-software-composition-analyse-tools
Prioritzar, solucionar i protegir els riscos del programari
Obtén el teu compte gratuït.
No es requereix cap targeta de crèdit.

Assegura el desenvolupament i el lliurament del teu programari

amb el paquet de productes Xygeni