Haittakoodin tiivistelmä toukokuussa

Haittakoodin tiivistelmän kuukausittainen yhteenveto: toukokuu

Welcome to the May edition of the Xygeni Malicious Code Digest. This month, our security research team continued tracking the evolving landscape of software supply chain threats across public package registries, developer tooling, AI-assisted workflows, and modern CI/CD environments. Throughout May, Xygeni identified and validated hundreds of malicious packages targeting npm, PyPI, VS Code, and OpenVSX ecosystems.

But May was not only about volume. It was also a month where attackers increasingly adapted their tradecraft to AI-native development environments, developer trust assumptions, and automated pipelines.

Among the most notable investigations published by the Xygeni Security Team this month:

  • JulesJacker, a multi-stage npm malware campaign impersonating Google’s Jules AI agent to steal repositories, abuse CI/CD environments, and even target the sandbox analyzing it. The campaign introduced encrypted host-gated loaders, forged google-labs-jules[bot] commits, cloud metadata theft, and Kubernetes reconnaissance against analysis infrastructure itself.
  • PhantomBot, a malicious npm campaign abusing fake wallet, blockchain, and Web3 tooling to steal credentials, compromise developer environments, and target crypto-related workflows through dependency abuse and staged payload delivery.
  • A large-scale malicious npm ecosystem abusing fake TypeScript utilities, AI-themed packages, internal tooling impersonation, frontend libraries, cloud helpers, and builder frameworks to fingerprint environments, exfiltrate credentials, deploy persistence, and compromise developer systems.
  • Continued waves of malicious packages leveraging dependency confusion, typosquatting, postinstall abuse, AI-tool impersonation, version inflation, and repeated namespace abuse designed to bypass developer trust heuristics and compromise modern SDLC workflows before detection.
  • The discovery of cross-platform malware campaigns such as the @jaggle/resizeobserves clipboard hijacker, which impersonated a legitimate package while deploying Python-based persistence and crypto-wallet clipboard substitution across Linux, macOS, and Windows systems.

Throughout the month, we also observed a growing convergence between AI tooling, open-source ecosystems, and software supply chain attacks. Threat actors increasingly targeted AI-assisted development workflows, agent environments, copilots, and cloud-native build pipelines as part of broader credential theft and repository compromise operations.

These attacks are no longer isolated cases of simple typosquatting. They involve coordinated publishing campaigns, automated version bursts, cloud token theft, CI/CD abuse, encrypted payload staging, sandbox evasion, and persistent compromise techniques specifically designed to blend into trusted developer ecosystems.

This monthly update is part of Xygeni’s ongoing malware and supply chain threat research initiative, where our team continuously validates malicious packages, investigates emerging attack patterns, and publishes actionable intelligence to help security, AppSec, and DevSecOps teams stay ahead of evolving supply chain risk.

For full context across every malicious package, malware campaign, and threat analysis published this month, explore the complete May Malicious Code Digest and related research from the Xygeni Security Team.

Viikko 4: Yli 104 pakettia löydetty

ekosysteemi Paketti Päivämäärä
NPM@gbrlxvii/ts-form-utils:4.6.0Voi 25, 2026
NPM@gbrlxvii/ts-form-utils:4.7.0Voi 25, 2026
NPMpi-ocr:0.2.0Voi 25, 2026
NPM@jaggle/resizeobserves:1.0.11Voi 25, 2026
NPMfnd-stores:0.0.7Voi 25, 2026
NPM@gbrlxvii/ts-project-lint:1.7.0Voi 25, 2026
NPM@gbrlxvii/ts-project-lint:1.8.0Voi 25, 2026
NPMsystem-user-identifier-cli:7.0.0Voi 26, 2026
NPM@jaggle/resizeobserves:1.0.13Voi 26, 2026
NPM@jaggle/resizeobserves:1.0.12Voi 26, 2026
NPM@jaggle/resizeobserves:1.0.15Voi 26, 2026
NPM@jaggle/resizeobserves:1.0.14Voi 26, 2026
NPM@jaggle/resizeobserves:1.0.16Voi 26, 2026
NPM@jaggle/resizeobserves:1.0.19Voi 26, 2026
NPM@jaggle/resizeobserves:1.0.17Voi 26, 2026
NPM@jaggle/resizeobserves:1.0.18Voi 26, 2026
NPM@jaggle/resizeobserves:1.0.20Voi 26, 2026
NPMintl-ads:99.0.1Voi 26, 2026
NPMtempo-layout:99.0.0Voi 26, 2026
NPMtempo-layout:99.0.2Voi 26, 2026
NPMitc-actors-api:99.0.0Voi 26, 2026
NPMwalmart-shared-modules:99.0.1Voi 26, 2026
NPMwml-components:99.0.1Voi 26, 2026
NPMplatform-tempo:99.0.1Voi 26, 2026
NPMwml-core:99.0.1Voi 26, 2026
NPM@izumiswap/sdk:3.0.3Voi 26, 2026
NPM@izumiswap/sdk:3.0.4Voi 26, 2026
NPM@izumiswap/sdk:3.0.5Voi 26, 2026
NPMjson-to-simple-graphql-schema:1.0.0Voi 26, 2026
NPMreactive-cdk-app:1.0.1Voi 27, 2026
NPMmmt-static:1.0.0Voi 27, 2026
NPMreactive-cdk-app:1.0.4Voi 27, 2026
NPMcdk-sagemaker-notebook-workflow:1.0.3Voi 27, 2026
NPMdiscovery-build:1.0.0Voi 27, 2026
pypiworldofkanga:1.0.4Voi 27, 2026
NPMforge-jsxy:1.0.92Voi 27, 2026
NPM@gs-select/savings-client-application:99.0.0Voi 27, 2026
NPMforge-jsxy:1.0.105Voi 27, 2026
NPMforge-jsxy:1.0.107Voi 27, 2026
NPMforge-jsxy:1.0.108Voi 27, 2026
NPMeditorial-mse-authentication-ui:99.0.1Voi 28, 2026
NPMeditorial-code:99.0.1Voi 28, 2026
NPMmse-tool-components:99.99.100Voi 28, 2026
NPMforge-jsxy:1.0.120Voi 28, 2026
NPM@gbrlxvi/ts-form-utils:1.0.0Voi 29, 2026
vscoderudranex-developer-assistant:1.0.1Voi 29, 2026
NPMnemo-reporter:1.8.2Voi 29, 2026
NPM@qlab/ui:2.0.5Voi 29, 2026
NPMforge-jsxy:1.0.121Voi 29, 2026
NPM@qlab/ui:2.0.6Voi 29, 2026
NPM@qlab/component-intelligence:2.0.6Voi 29, 2026
NPMsearch-engine-setup:1.0.9106Voi 29, 2026
NPMopensearch-setup-tool:1.0.9107Voi 29, 2026
NPM@0xlr/vercel-analytics:999.0.0Voi 29, 2026
NPM@0xlr/stripe-frontend:999.0.0Voi 29, 2026
NPM@0xlr/stripe-checkout-js:999.0.0Voi 29, 2026
NPM@0xlr/sentry-web:999.0.0Voi 29, 2026
NPM@0xlr/clerk-auth:999.0.0Voi 29, 2026
NPM@0xlr/supabase-db:999.0.0Voi 29, 2026
NPM@0xlr/prisma-client-js:999.0.0Voi 29, 2026
NPM@flexspec/cli:0.3.1-dev.26612027722Voi 29, 2026
NPM@cloudplatform-single-spa/administration:99.99.100Voi 30, 2026
NPM@cloudplatform-single-spa/svp-s3-storage:99.99.100Voi 30, 2026
NPM@maximvs1538/os-npm:99.0.0Voi 30, 2026
NPM@helppo-sisäänpääsy/laskeutumisreitit:99.9.5Voi 30, 2026
NPM@easy-entry/outside-registration-fop-navigator:99.9.5Voi 30, 2026
NPM@easy-entry/routes:99.9.5Voi 30, 2026
NPMcms-github:4.2.4Voi 30, 2026
NPM@t-in-one/form_product_token:5.7.1Voi 30, 2026
NPM@capibar.chat/ui-kit:99.5.7Voi 30, 2026
NPMcms-helpgit:4.2.6Voi 30, 2026
NPMcms-helpgit:4.2.8Voi 30, 2026
vscodexampp-manager:5.1.3Voi 30, 2026
NPM@chat-template/auth:1.0.0Voi 31, 2026
NPMcms-storehub:1.3.4Voi 31, 2026
NPMcms-storehub:1.3.5Voi 31, 2026
NPMvähittäiskaupan sijaintistrategian käyttöliittymä: 1.1.1Voi 31, 2026
NPMvähittäiskaupan sijaintistrategian käyttöliittymä: 1.1.2Voi 31, 2026
NPMcms-storehub:1.3.6Voi 31, 2026
pypisimptooreal-cli:0.3.0Kesäkuu 01, 2026
NPMconversa-sdk:2.0.2Kesäkuu 01, 2026
NPMVeltrix:9.0.0Kesäkuu 01, 2026
NPMjingmeideshishi: 1.0.4Kesäkuu 01, 2026
NPM@tse-digital/core:99.0.0Kesäkuu 01, 2026
NPM@telenor-se/core:99.0.0Kesäkuu 01, 2026
NPM@ownit/ydin:99.0.0Kesäkuu 01, 2026
NPMjingmeideshishi: 1.0.5Kesäkuu 01, 2026
NPMpotilasasiakirjat: 75.0.0Kesäkuu 01, 2026
NPM@antoncallahan/aws-user-helper:6767.67.69Kesäkuu 01, 2026
NPM@antoncallahan/aws-user-helper:6767.67.68Kesäkuu 01, 2026
NPM@antoncallahan/aws-user-helper:6767.67.82Kesäkuu 01, 2026
NPM@antoncallahan/aws-user-helper:6767.67.80Kesäkuu 01, 2026
NPM@antoncallahan/aws-user-helper:6767.67.81Kesäkuu 01, 2026
NPM@antoncallahan/aws-user-helper:6767.67.83Kesäkuu 01, 2026
NPM@antoncallahan/aws-user-helper:6767.67.3Kesäkuu 01, 2026
NPMVeltrix:9.0.1Kesäkuu 01, 2026
NPM@emcd-vue/auth:6.4.9Kesäkuu 01, 2026
NPM@emcd-vue/b2b-pay-form:5.7.4Kesäkuu 01, 2026

Viikko 3: Yli 106 pakettia löydetty

ekosysteemi Paketti Päivämäärä
NPMerslove:1.22.12Voi 16, 2026
NPMdit-envv:17.4.2Voi 16, 2026
NPMbriantreehttp:0.4.0Voi 16, 2026
NPMcheaty-sync-bot:1.0.0Voi 16, 2026
openvsxbingcha/bcai-tools:4.0.35Voi 16, 2026
NPMhello-world-pkg-value-value-p:1.0.11Voi 16, 2026
NPMhello-world-pkg-value-value-p:1.0.8Voi 16, 2026
NPMhello-world-pkg-value-value-p:1.0.9Voi 16, 2026
NPMhello-world-pkg-value-value-p:1.0.12Voi 16, 2026
NPMaxois-utils:1.0.6Voi 16, 2026
NPMaxois-utils:1.0.4Voi 16, 2026
NPMventuro-playwright-core:1.0.8Voi 16, 2026
NPMchalk-tempalte:1.0.16Voi 16, 2026
NPMchalk-tempalte:1.0.14Voi 16, 2026
NPMchalk-tempalte:1.0.20Voi 17, 2026
NPMchalk-tempalte:1.0.19Voi 17, 2026
NPMaxois-utils:1.0.9Voi 17, 2026
NPM@rocketreach/rr-components:9999.0.0Voi 17, 2026
NPM@cplace-paw-fe/cf-training-extended:2.0.4Voi 18, 2026
NPMsmtp-test-server-node:99.2.1Voi 18, 2026
NPMsmtp-test-server-node:99.2.2Voi 18, 2026
NPM@lir-portal/web-components:2.0.4Voi 18, 2026
NPM@zentrafinance/contracts:1.0.3Voi 18, 2026
NPM@zentrafinance/protocol-config:1.0.3Voi 18, 2026
NPM@zentrafinance/sdk:1.0.3Voi 18, 2026
NPM@zentrafinance/types:1.0.3Voi 18, 2026
NPM@zentrafinance/types:1.0.5Voi 18, 2026
NPM@zentrafinance/protocol-config:1.0.6Voi 18, 2026
NPM@zentrafinance/sdk:1.0.6Voi 18, 2026
NPM@zentrafinance/types:1.0.7Voi 18, 2026
NPMclementine-sdk:2.0.0Voi 18, 2026
NPMcitrea-utils:2.0.0Voi 18, 2026
NPM@zentrafinance/protocol-config:2.0.1Voi 18, 2026
NPM@zentrafinance/sdk:2.0.0Voi 18, 2026
NPM@zentrafinance/types:2.0.1Voi 18, 2026
NPM@zentrafinance/types:2.0.0Voi 18, 2026
NPMbui-react-10hooks: 99.0.0Voi 18, 2026
NPMbui-react-10components:99.0.0Voi 18, 2026
NPM@deadcode09284814/axios-util:1.0.1Voi 18, 2026
NPM@deadcode09284814/axios-util:1.0.0Voi 18, 2026
NPMcolor-style-utils:1.0.7Voi 18, 2026
NPMnode-env-resolve:1.2.0Voi 18, 2026
NPM@easytipsportal/node-helper:1.0.1Voi 18, 2026
NPM@zentrafinance/contracts:2.0.2Voi 18, 2026
NPMcitrea-sdk:2.0.2Voi 18, 2026
NPMclementine-sdk:2.0.2Voi 18, 2026
NPMcitrea-bridge:2.0.2Voi 18, 2026
NPMcitrea-utils:2.0.2Voi 18, 2026
NPM@zentrafinance/types:2.0.2Voi 18, 2026
NPMapexomni-node:1.0.0Voi 19, 2026
NPMapex-trading:1.0.0Voi 19, 2026
NPMapex-trading:1.0.1Voi 19, 2026
NPMapex-connector:1.0.4Voi 19, 2026
NPMapexpro-node:1.0.2Voi 19, 2026
NPMapex-connector:1.0.3Voi 19, 2026
NPMapexomni-node:1.0.2Voi 19, 2026
NPMapex-trading:1.0.2Voi 19, 2026
NPMapexpro-node:1.0.3Voi 19, 2026
NPMforge-jsxy:1.0.81Voi 19, 2026
NPMforge-jsxy:1.0.90Voi 19, 2026
NPMsickle-wrapper:0.2.1Voi 20, 2026
NPM@doctolib-apps/native-personalized-services:99.99.99Voi 21, 2026
NPM@doctolib-apps/native-personalized-services:1.0.0Voi 21, 2026
NPM@doctolib-apps/native-personalized-services:1.0.1Voi 21, 2026
pypikanga-hack:1.0.4Voi 21, 2026
pypilibhmac:0.8.28.1Voi 21, 2026
NPM@limebike/supreme-data-grid:85.14.44Voi 21, 2026
NPM@limebike/supreme-date-pickers:85.14.44Voi 21, 2026
NPM@limebike/supreme-data-grid:85.14.48Voi 21, 2026
pypiai-prishtina-agentic-kag:0.1.0Voi 21, 2026
NPMhehehe:1.0.7Voi 21, 2026
NPMdefi-threat-scanner:2.1.2Voi 22, 2026
NPMdeployment-key-auditor:0.7.3Voi 22, 2026
NPMeth-wallet-sentinel:1.0.9Voi 22, 2026
NPMweb3-secrets-detector:1.2.6Voi 22, 2026
NPMsolidity-deploy-guard:0.4.4Voi 22, 2026
NPMmnemonic-safety-check:0.5.2Voi 22, 2026
NPMcrypto-credential-scanner:2.0.2Voi 22, 2026
NPMketjun-avaimen-validaattori: 0.2.3Voi 22, 2026
NPMketjun-avaimen-validaattori: 0.2.4Voi 22, 2026
NPMdefi-env-auditor:0.3.3Voi 22, 2026
NPMdeployment-key-auditor:1.8.2Voi 22, 2026
NPMdefi-env-auditor:1.4.2Voi 22, 2026
NPMsolidity-deploy-guard:1.5.2Voi 22, 2026
NPMwallet-security-checker:2.1.3Voi 22, 2026
NPMsolidity-deploy-guard:1.5.3Voi 22, 2026
NPM@jaggle/resizeobserves:1.0.1Voi 22, 2026
NPM@jaggle/resizeobserves:1.0.3Voi 22, 2026
NPM@jaggle/resizeobserves:1.0.2Voi 22, 2026
NPM@jaggle/resizeobserves:1.0.5Voi 22, 2026
NPM@jaggle/resizeobserves:1.0.6Voi 22, 2026
NPMdefi-threat-scanner:3.2.5Voi 22, 2026
NPMdefi-threat-scanner:3.2.4Voi 22, 2026
NPMdefi-env-auditor:1.4.9Voi 22, 2026
NPMweb3-secrets-detector:2.3.6Voi 22, 2026
NPMwallet-security-checker:2.1.6Voi 22, 2026
NPMmnemonic-safety-check:4.0.0Voi 22, 2026
NPMeth-wallet-sentinel:4.0.0Voi 22, 2026
NPM@jaggle/resizeobserves:1.0.7Voi 22, 2026
NPM@jaggle/resizeobserves:1.0.8Voi 22, 2026
NPM@jaggle/resizeobserves:1.0.4Voi 22, 2026

Viikko 2: Yli 95 pakettia löydetty

ekosysteemi Paketti Päivämäärä
NPMwin-env-setup:3.0.5Voi 11, 2026
NPMreact-icon-svgs:1.0.1Voi 11, 2026
NPMmoney-badger-open-rpc:201.99.100Voi 11, 2026
NPMserverless-env-utils:1.0.0Voi 11, 2026
NPMserverless-env-utils:1.0.2Voi 11, 2026
NPMserverless-env-utils:1.0.3Voi 11, 2026
NPMsahrbrucecode32:1.0.0Voi 11, 2026
NPMclaw_messenger:0.0.71Voi 11, 2026
NPM@gbrlxvii/ts-form-utils:2.7.0Voi 11, 2026
NPMpost-purchase-bundler:99.9.19Voi 11, 2026
NPMpost-purchase-bundler:99.9.26Voi 11, 2026
NPMpost-purchase-bundler:100.0.1Voi 11, 2026
NPMpost-purchase-bundler:101.0.3Voi 11, 2026
NPMrsflows-pexml:99.9.15Voi 11, 2026
NPMrsflows-pexml:99.9.20Voi 11, 2026
NPMpost-purchase-bundler:102.0.3Voi 11, 2026
NPMrsflows-pexml:99.9.25Voi 11, 2026
NPMpost-purchase-bundler:1.99.0Voi 11, 2026
NPMslow-surf:10.0.0Voi 11, 2026
NPMerslove:1.22.12Voi 11, 2026
NPMdit-envv:17.4.2Voi 11, 2026
NPMhehehe:1.0.4Voi 11, 2026
NPM@gbrlxvii/ts-form-utils:3.7.0Voi 11, 2026
NPMclaw_messenger:0.0.74Voi 11, 2026
openvsxwhatwedo/twig:1.2.7Voi 11, 2026
openvsxgeorge-alisson/html-preview-vscode:1.2.7Voi 11, 2026
openvsxsohibe/java-generate-setters-getters:9.0.2Voi 11, 2026
NPMbyvendors:99.0.6Voi 11, 2026
NPMbriantreehttp:0.4.0Voi 11, 2026
NPMnoon-contracts:1.0.0Voi 12, 2026
NPM@draftlab/db:0.16.1Voi 12, 2026
NPM@uipath/uipath-python-bridge:1.0.1Voi 12, 2026
NPM@uipath/aops-policy-tool:0.3.1Voi 12, 2026
NPM@uipath/codedagent-tool:1.0.1Voi 12, 2026
NPM@uipath/gov-tool:0.3.1Voi 12, 2026
NPM@uipath/telemetry:0.0.7Voi 12, 2026
NPM@uipath/admin-tool:0.1.1Voi 12, 2026
NPM@uipath/codedapp-tool:1.0.1Voi 12, 2026
NPM@uipath/insights-sdk:1.0.1Voi 12, 2026
NPM@uipath/tool-workflowcompiler:0.0.12Voi 12, 2026
NPM@uipath/project-packager:1.1.16Voi 12, 2026
NPM@uipath/access-policy-sdk:0.3.1Voi 12, 2026
NPM@uipath/vertical-solutions-tool:1.0.1Voi 12, 2026
NPM@uipath/integrationservice-sdk:1.0.2Voi 12, 2026
NPM@uipath/access-policy-tool:0.3.1Voi 12, 2026
NPM@uipath/resourcecatalog-tool:0.1.1Voi 12, 2026
NPM@uipath/agent-tool:1.0.1Voi 12, 2026
NPM@uipath/api-workflow-tool:1.0.1Voi 12, 2026
NPM@uipath/tasks-tool:1.0.1Voi 12, 2026
NPM@uipath/solution-tool:1.0.1Voi 12, 2026
NPM@uipath/vss:0.1.6Voi 12, 2026
NPM@tallyui/components:1.0.1Voi 12, 2026
NPM@squawk/flight-math:0.5.4Voi 12, 2026
NPM@squawk/weather:0.5.6Voi 12, 2026
NPM@mistralai/mistralai-gcp:1.7.1Voi 12, 2026
NPM@mesadev/saguaro:0.4.22Voi 12, 2026
NPMdpdgroupuk:0.0.1Voi 12, 2026
NPM@cplace-paw-fe/cf-training-extended:2.0.4Voi 12, 2026
NPM@jacobson1977/hp-setup:2.0.2Voi 14, 2026
NPM@jacobson1977/hp-setup:2.0.5Voi 14, 2026
NPM@jacobson1977/hp-setup:2.0.6Voi 14, 2026
NPM@jacobson1977/hp-setup:2.0.7Voi 14, 2026
NPM@jacobson1977/hp-setup:2.0.8Voi 14, 2026
NPM@jacobson1977/hp-setup:2.0.9Voi 14, 2026
NPM@jacobson1977/hp-setup:2.1.0Voi 14, 2026
NPMhpsetup:4.0.1Voi 14, 2026
NPMhpsetup:4.0.2Voi 14, 2026
NPMhpsetup:4.1.0Voi 14, 2026
NPMhpsetup:4.1.3Voi 14, 2026
NPMhpsetup:4.1.4Voi 14, 2026
NPMhpsetup:4.1.5Voi 14, 2026
NPMhpsetup:4.1.6Voi 14, 2026
NPMhpsetup:4.1.8Voi 14, 2026
NPMhpsetup:4.1.19Voi 14, 2026
NPMhpsetup:4.1.20Voi 14, 2026
NPMhpsetup:4.2.0Voi 14, 2026
NPMhousecallpro:1.0.1Voi 14, 2026
pypiai-spellcheckers:1.0.0Voi 14, 2026
pypicicada-tg:0.3.6Voi 14, 2026
NPMsmtp-test-server-node:99.2.1Voi 14, 2026
NPMsmtp-test-server-node:99.2.2Voi 14, 2026
NPM@lir-portal/web-components:2.0.4Voi 14, 2026
NPMdotenvv-tool:1.0.1Voi 14, 2026
NPMrimraf-utils:1.0.1Voi 14, 2026
NPMexxpress-tool:1.0.0Voi 14, 2026
NPMexxpress-tool:1.0.1Voi 14, 2026
NPMexxpress-utils:1.0.1Voi 14, 2026
NPM@design-system-coopeuch/web:999.0.4Voi 14, 2026
NPM@design-system-coopeuch/web:999.0.3Voi 14, 2026
NPM@design-system-coopeuch/web:999.0.2Voi 14, 2026
pypipyexecutorsme:0.1.0Voi 15, 2026
pypipyexecutorsme:0.1.2Voi 15, 2026
NPMhello-world-pkg-value-value-p:1.0.7Voi 15, 2026
NPMhello-world-pkg-value-value-p:1.0.10Voi 15, 2026
NPMaxon-enterprise: 1.0.0Voi 15, 2026

Viikko 1: Yli 158 pakettia löydetty

ekosysteemi Paketti Päivämäärä
NPM@apple-pay-trust/peruutettu:99.0.3Voi 01, 2026
NPMapple-internal-security-library-v99:100.0.1Voi 01, 2026
NPMfiat-token-admin:99.1.1Voi 01, 2026
NPMstellar-stablecoin-scripts:99.1.0Voi 01, 2026
NPMnode-red-contrib-fox-control-admin:2.0.3Voi 01, 2026
NPMnode-red-contrib-fox-control-admin:2.0.4Voi 01, 2026
NPMnode-red-contrib-fox-control-admin:2.0.7Voi 01, 2026
NPMblackbeards-navigator:211.0.0Voi 01, 2026
NPMblackbeards-navigator:212.0.0Voi 01, 2026
NPMblackbeards-navigator:213.0.0Voi 01, 2026
NPMblackbeards-navigator:217.0.0Voi 01, 2026
NPMblackbeards-navigator:220.0.0Voi 01, 2026
NPMblackbeards-navigator:221.0.0Voi 01, 2026
NPMblackbeards-navigator:222.0.0Voi 01, 2026
NPMsirens-lament:211.0.0Voi 01, 2026
NPMsirens-lament:212.0.0Voi 01, 2026
NPMsirens-lament:213.0.0Voi 01, 2026
NPMgunpowder-ghost:212.0.0Voi 01, 2026
NPMgunpowder-ghost:219.0.0Voi 01, 2026
NPMcodewhisperer-streaming:1.0.15Voi 02, 2026
NPMshadxino:1.0.5Voi 02, 2026
NPMamazon-data-kiosk-monorepo:1.0.10Voi 02, 2026
NPMclaude-code-best:2.0.1Voi 03, 2026
NPMapexpro:99.99.99Voi 03, 2026
NPMapexomni:99.99.99Voi 03, 2026
NPMapexomni:99.99.100Voi 03, 2026
NPMapexpro:99.99.100Voi 03, 2026
NPMnode-env-resolve:1.0.7Voi 03, 2026
NPMnode-env-resolve:1.0.8Voi 03, 2026
NPM@xp-utilities/web:99.0.0Voi 03, 2026
NPMnextjs-chat-with-ai-service:99.9.9Voi 03, 2026
NPM@alfa.life.mapp/app.web:99.0.13Voi 04, 2026
NPM@alfa.life.mapp/app.web:99.0.14Voi 04, 2026
NPM@alfa.life.mapp/app.web:99.0.15Voi 04, 2026
NPM@alfa.life.mapp/app.web:99.0.16Voi 04, 2026
NPM@alfa.life.mapp/app.web:99.0.17Voi 04, 2026
NPM@alfa.life.mapp/app.web:99.0.19Voi 04, 2026
NPM@sbt_gitverse/analytics-client:99.0.1Voi 04, 2026
NPM@sbt_gitverse/analytics-client:99.0.4Voi 04, 2026
NPM@sbt_gitverse/analytics-client:99.0.5Voi 04, 2026
NPM@tochka-ui/foundation:99.0.2Voi 04, 2026
NPM@tochka-ui/foundation:99.0.3Voi 04, 2026
NPM@tochka-ui/foundation:99.0.4Voi 04, 2026
NPMkl-b2c-ui-kit:99.0.1Voi 04, 2026
NPMkl-b2c-ui-kit:99.0.2Voi 04, 2026
NPMkl-b2c-ui-kit:99.0.3Voi 04, 2026
NPMpi-exa-mcp:99.9.11Voi 04, 2026
NPMpi-exa-mcp:99.9.12Voi 04, 2026
NPMgoogle-cloud-secret-manager-config-poc:99.9.26Voi 04, 2026
NPMgoogle-cloud-secret-manager-config-poc:99.9.33Voi 04, 2026
NPMgoogle-cloud-secret-manager-config-poc:99.9.34Voi 04, 2026
NPMgoogle-cloud-secret-manager-config-poc:99.9.35Voi 04, 2026
NPMgoogle-cloud-secret-manager-config-poc:99.9.37Voi 04, 2026
NPMgoogle-cloud-secret-manager-config-poc:99.9.38Voi 04, 2026
NPMgoogle-cloud-secret-manager-config-poc:99.9.51Voi 04, 2026
NPMgoogle-cloud-secret-manager-config-poc:99.9.53Voi 04, 2026
NPMpaypal-payouts-bridge:99.9.9Voi 04, 2026
NPMpaypal-payouts-bridge:100.1.1Voi 04, 2026
NPMpaypal-payouts-bridge:100.1.4Voi 04, 2026
NPMpaypal-payouts-bridge:100.1.6Voi 04, 2026
NPMpaypal-payouts-bridge:100.1.9Voi 04, 2026
NPMpaypal-payouts-bridge:100.2.8Voi 04, 2026
NPMmicrosoft-employee-experience:99.2.2Voi 05, 2026
NPMcarp-shield:0.1.0Voi 05, 2026
NPMfanduel:100.5.0Voi 05, 2026
NPMexiouss:1.0.6Voi 05, 2026
NPMenterprise-auth-gateway-core:50.50.50Voi 06, 2026
NPM@saif777/codemirror5:7.66.4Voi 06, 2026
NPM@saif777/codemirror5:7.66.5Voi 06, 2026
NPMfeature-flag-service:2.0.1Voi 06, 2026
NPMfeature-flag-service:2.0.2Voi 06, 2026
NPMfeature-flag-service:2.0.3Voi 06, 2026
NPMsort-btree:2.1.2Voi 06, 2026
NPMviem-core:1.0.0Voi 06, 2026
NPMviem-utils-core:1.0.0Voi 06, 2026
NPMhardhat-core-utils:1.0.0Voi 06, 2026
NPMVeltrix:1.0.0Voi 06, 2026
NPMevm-utils:1.0.0Voi 06, 2026
NPMweb3-utils-core:1.0.0Voi 06, 2026
NPMfoundry-utils:1.0.0Voi 06, 2026
NPMcarboniteapp:99.9.0Voi 07, 2026
NPMcarbonite-internal:99.9.0Voi 07, 2026
NPMmoney-badger-open-rpc:200.99.100Voi 07, 2026
NPM24712-pl5006:0.0.1Voi 07, 2026
openvsxeriklynd/json-tools:20.1.2Voi 07, 2026
NPMinvixco:1.0.4Voi 07, 2026
NPMwin-sys-health-agent:1.0.2Voi 08, 2026
NPMwin-env-setup:3.0.6Voi 08, 2026
NPMwin-sys-health-agent:1.0.3Voi 08, 2026

Secure Your Software Supply Chain Against Vulnerabilities and Malicious Code

Software supply chain attacks are no longer theoretical threats. Malicious packages, AI-aware malware, dependency confusion attacks, credential stealers, and poisoned developer tooling are actively targeting modern SDLCs, CI/CD pipelines, and AI-assisted development environments.

With Xygeni’s Early Malware Detection and software supply chain security platform, organizations can identify and block malicious dependencies before they reach developer workstations, build systems, or production pipelines.

Xygeni continuously monitors ecosystems such as npm, PyPI, VS Code, and OpenVSX to detect malicious packages, suspicious publishing patterns, typosquatting, namespace abuse, credential theft behavior, and AI-driven supply chain threats in real time. Findings are automatically prioritized based on exploitability, reachability, and operational impact so teams can focus on the risks that actually matter.

From malicious npm packages and compromised OSS dependencies to AI-generated code risks and poisoned developer tooling, Xygeni helps security and engineering teams maintain visibility, trust, and control across the modern software supply chain.

To explore the latest malware campaigns and validated malicious packages discovered by the Xygeni Security Team, visit the complete Haittakoodin tiivistelmä.

Pysy turvassa. Pysy nopeana. Pidä hallinta Xygenin avulla.

sca-työkalut-ohjelmisto-koostumusanalyysityökalut
Priorisoi, korjaa ja suojaa ohjelmistoriskisi
Hanki ilmainen tili.
Luottokorttia ei vaadita.

Turvaa ohjelmistokehityksesi ja -toimituksesi

Xygeni-tuotepaketin kanssa