Resumo de código malicioso de maio

Resumo mensual de Malicious Code Digest: maio

Welcome to the May edition of the Xygeni Malicious Code Digest. This month, our security research team continued tracking the evolving landscape of software supply chain threats across public package registries, developer tooling, AI-assisted workflows, and modern CI/CD environments. Throughout May, Xygeni identified and validated hundreds of malicious packages targeting npm, PyPI, VS Code, and OpenVSX ecosystems.

But May was not only about volume. It was also a month where attackers increasingly adapted their tradecraft to AI-native development environments, developer trust assumptions, and automated pipelines.

Among the most notable investigations published by the Xygeni Security Team this month:

  • JulesJacker, a multi-stage npm malware campaign impersonating Google’s Jules AI agent to steal repositories, abuse CI/CD environments, and even target the sandbox analyzing it. The campaign introduced encrypted host-gated loaders, forged google-labs-jules[bot] commits, cloud metadata theft, and Kubernetes reconnaissance against analysis infrastructure itself.
  • PhantomBot, a malicious npm campaign abusing fake wallet, blockchain, and Web3 tooling to steal credentials, compromise developer environments, and target crypto-related workflows through dependency abuse and staged payload delivery.
  • A large-scale malicious npm ecosystem abusing fake TypeScript utilities, AI-themed packages, internal tooling impersonation, frontend libraries, cloud helpers, and builder frameworks to fingerprint environments, exfiltrate credentials, deploy persistence, and compromise developer systems.
  • Continued waves of malicious packages leveraging dependency confusion, typosquatting, postinstall abuse, AI-tool impersonation, version inflation, and repeated namespace abuse designed to bypass developer trust heuristics and compromise modern SDLC workflows before detection.
  • The discovery of cross-platform malware campaigns such as the @jaggle/resizeobserves clipboard hijacker, which impersonated a legitimate package while deploying Python-based persistence and crypto-wallet clipboard substitution across Linux, macOS, and Windows systems.

Throughout the month, we also observed a growing convergence between AI tooling, open-source ecosystems, and software supply chain attacks. Threat actors increasingly targeted AI-assisted development workflows, agent environments, copilots, and cloud-native build pipelines as part of broader credential theft and repository compromise operations.

These attacks are no longer isolated cases of simple typosquatting. They involve coordinated publishing campaigns, automated version bursts, cloud token theft, CI/CD abuse, encrypted payload staging, sandbox evasion, and persistent compromise techniques specifically designed to blend into trusted developer ecosystems.

This monthly update is part of Xygeni’s ongoing malware and supply chain threat research initiative, where our team continuously validates malicious packages, investigates emerging attack patterns, and publishes actionable intelligence to help security, AppSec, and DevSecOps teams stay ahead of evolving supply chain risk.

For full context across every malicious package, malware campaign, and threat analysis published this month, explore the complete May Malicious Code Digest and related research from the Xygeni Security Team.

Semana 4: Máis de 104 paquetes descubertos

Ecosystem Paquete data
npm@gbrlxvii/ts-form-utils:4.6.0Pode 25, 2026
npm@gbrlxvii/ts-form-utils:4.7.0Pode 25, 2026
npmpi-ocr:0.2.0Pode 25, 2026
npm@jaggle/resizeobserves:1.0.11Pode 25, 2026
npmfnd-stores:0.0.7Pode 25, 2026
npm@gbrlxvii/ts-project-lint:1.7.0Pode 25, 2026
npm@gbrlxvii/ts-project-lint:1.8.0Pode 25, 2026
npmsystem-user-identifier-cli:7.0.0Pode 26, 2026
npm@jaggle/resizeobserves:1.0.13Pode 26, 2026
npm@jaggle/resizeobserves:1.0.12Pode 26, 2026
npm@jaggle/resizeobserves:1.0.15Pode 26, 2026
npm@jaggle/resizeobserves:1.0.14Pode 26, 2026
npm@jaggle/resizeobserves:1.0.16Pode 26, 2026
npm@jaggle/resizeobserves:1.0.19Pode 26, 2026
npm@jaggle/resizeobserves:1.0.17Pode 26, 2026
npm@jaggle/resizeobserves:1.0.18Pode 26, 2026
npm@jaggle/resizeobserves:1.0.20Pode 26, 2026
npmintl-ads:99.0.1Pode 26, 2026
npmtempo-layout:99.0.0Pode 26, 2026
npmtempo-layout:99.0.2Pode 26, 2026
npmitc-actors-api:99.0.0Pode 26, 2026
npmwalmart-shared-modules:99.0.1Pode 26, 2026
npmwml-components:99.0.1Pode 26, 2026
npmplatform-tempo:99.0.1Pode 26, 2026
npmwml-core:99.0.1Pode 26, 2026
npm@izumiswap/sdk:3.0.3Pode 26, 2026
npm@izumiswap/sdk:3.0.4Pode 26, 2026
npm@izumiswap/sdk:3.0.5Pode 26, 2026
npmjson-a-esquema-graphql-simple:1.0.0Pode 26, 2026
npmreactive-cdk-app:1.0.1Pode 27, 2026
npmmmt-static:1.0.0Pode 27, 2026
npmreactive-cdk-app:1.0.4Pode 27, 2026
npmcdk-sagemaker-notebook-workflow:1.0.3Pode 27, 2026
npmdiscovery-build:1.0.0Pode 27, 2026
pypiworldofkanga:1.0.4Pode 27, 2026
npmforge-jsxy:1.0.92Pode 27, 2026
npm@gs-select/aforro-cliente-aplicación:99.0.0Pode 27, 2026
npmforge-jsxy:1.0.105Pode 27, 2026
npmforge-jsxy:1.0.107Pode 27, 2026
npmforge-jsxy:1.0.108Pode 27, 2026
npmeditorial-mse-authentication-ui:99.0.1Pode 28, 2026
npmeditorial-code:99.0.1Pode 28, 2026
npmmse-tool-components:99.99.100Pode 28, 2026
npmforge-jsxy:1.0.120Pode 28, 2026
npm@gbrlxvi/ts-form-utils:1.0.0Pode 29, 2026
vscoderudranex-developer-assistant:1.0.1Pode 29, 2026
npmnemo-reporter:1.8.2Pode 29, 2026
npm@qlab/ui:2.0.5Pode 29, 2026
npmforge-jsxy:1.0.121Pode 29, 2026
npm@qlab/ui:2.0.6Pode 29, 2026
npm@qlab/component-intelligence:2.0.6Pode 29, 2026
npmsearch-engine-setup:1.0.9106Pode 29, 2026
npmopensearch-setup-tool:1.0.9107Pode 29, 2026
npm@0xlr/vercel-analytics:999.0.0Pode 29, 2026
npm@0xlr/stripe-frontend:999.0.0Pode 29, 2026
npm@0xlr/stripe-checkout-js:999.0.0Pode 29, 2026
npm@0xlr/sentry-web:999.0.0Pode 29, 2026
npm@0xlr/clerk-auth:999.0.0Pode 29, 2026
npm@0xlr/supabase-db:999.0.0Pode 29, 2026
npm@0xlr/prisma-client-js:999.0.0Pode 29, 2026
npm@flexspec/cli:0.3.1-dev.26612027722Pode 29, 2026
npm@cloudplatform-single-spa/administración:99.99.100Pode 30, 2026
npm@cloudplatform-single-spa/svp-s3-storage:99.99.100Pode 30, 2026
npm@maximvs1538/os-npm:99.0.0Pode 30, 2026
npm@rutas-de-entrada-facil/aterraxe:99.9.5Pode 30, 2026
npm@entrada-fácil/navegador-fop-de-rexistro-externo:99.9.5Pode 30, 2026
npm@entrada-fácil/rutas:99.9.5Pode 30, 2026
npmcms-github:4.2.4Pode 30, 2026
npm@t-in-one/form_product_token:5.7.1Pode 30, 2026
npm@capibar.chat/ui-kit:99.5.7Pode 30, 2026
npmcms-helpgit:4.2.6Pode 30, 2026
npmcms-helpgit:4.2.8Pode 30, 2026
vscodexestor-xampp:5.1.3Pode 30, 2026
npm@modelo-de-chat/auth:1.0.0Pode 31, 2026
npmcms-storehub:1.3.4Pode 31, 2026
npmcms-storehub:1.3.5Pode 31, 2026
npmfrontend da estratexia de localización comercial: 1.1.1Pode 31, 2026
npmfrontend da estratexia de localización comercial: 1.1.2Pode 31, 2026
npmcms-storehub:1.3.6Pode 31, 2026
pypisimtooreal-cli:0.3.0Xuño 01, 2026
npmconversa-sdk:2.0.2Xuño 01, 2026
npmveltrix:9.0.0Xuño 01, 2026
npmjingmeideshishi:1.0.4Xuño 01, 2026
npm@tse-digital/core:99.0.0Xuño 01, 2026
npm@telenor-se/core:99.0.0Xuño 01, 2026
npm@ownit/core:99.0.0Xuño 01, 2026
npmjingmeideshishi:1.0.5Xuño 01, 2026
npmdocumentosdopaciente:75.0.0Xuño 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.69Xuño 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.68Xuño 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.82Xuño 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.80Xuño 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.81Xuño 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.83Xuño 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.3Xuño 01, 2026
npmveltrix:9.0.1Xuño 01, 2026
npm@emcd-vue/auth:6.4.9Xuño 01, 2026
npm@emcd-vue/formulario-de-pago-b2b:5.7.4Xuño 01, 2026

Semana 3: Máis de 106 paquetes descubertos

Ecosystem Paquete data
npmerslove:1.22.12Pode 16, 2026
npmdit-envv:17.4.2Pode 16, 2026
npmbriantreehttp:0.4.0Pode 16, 2026
npmcheaty-sync-bot:1.0.0Pode 16, 2026
openvsxbingcha/bcai-tools:4.0.35Pode 16, 2026
npmhello-world-pkg-value-value-p:1.0.11Pode 16, 2026
npmhello-world-pkg-value-value-p:1.0.8Pode 16, 2026
npmhello-world-pkg-value-value-p:1.0.9Pode 16, 2026
npmhello-world-pkg-value-value-p:1.0.12Pode 16, 2026
npmaxois-utils:1.0.6Pode 16, 2026
npmaxois-utils:1.0.4Pode 16, 2026
npmventuro-playwright-core:1.0.8Pode 16, 2026
npmchalk-tempalte:1.0.16Pode 16, 2026
npmchalk-tempalte:1.0.14Pode 16, 2026
npmchalk-tempalte:1.0.20Pode 17, 2026
npmchalk-tempalte:1.0.19Pode 17, 2026
npmaxois-utils:1.0.9Pode 17, 2026
npm@rocketreach/rr-components:9999.0.0Pode 17, 2026
npm@cplace-paw-fe/cf-training-extended:2.0.4Pode 18, 2026
npmsmtp-test-server-node:99.2.1Pode 18, 2026
npmsmtp-test-server-node:99.2.2Pode 18, 2026
npm@lir-portal/web-components:2.0.4Pode 18, 2026
npm@zentrafinance/contracts:1.0.3Pode 18, 2026
npm@zentrafinance/protocol-config:1.0.3Pode 18, 2026
npm@zentrafinance/sdk:1.0.3Pode 18, 2026
npm@zentrafinance/types:1.0.3Pode 18, 2026
npm@zentrafinance/types:1.0.5Pode 18, 2026
npm@zentrafinance/protocol-config:1.0.6Pode 18, 2026
npm@zentrafinance/sdk:1.0.6Pode 18, 2026
npm@zentrafinance/types:1.0.7Pode 18, 2026
npmclementine-sdk:2.0.0Pode 18, 2026
npmcitrea-utils:2.0.0Pode 18, 2026
npm@zentrafinance/protocol-config:2.0.1Pode 18, 2026
npm@zentrafinance/sdk:2.0.0Pode 18, 2026
npm@zentrafinance/types:2.0.1Pode 18, 2026
npm@zentrafinance/types:2.0.0Pode 18, 2026
npmbui-react-10hooks: 99.0.0Pode 18, 2026
npmbui-react-10components:99.0.0Pode 18, 2026
npm@deadcode09284814/axios-util:1.0.1Pode 18, 2026
npm@deadcode09284814/axios-util:1.0.0Pode 18, 2026
npmcolor-style-utils:1.0.7Pode 18, 2026
npmnode-env-resolve:1.2.0Pode 18, 2026
npm@easytipsportal/node-helper:1.0.1Pode 18, 2026
npm@zentrafinance/contracts:2.0.2Pode 18, 2026
npmcitrea-sdk:2.0.2Pode 18, 2026
npmclementine-sdk:2.0.2Pode 18, 2026
npmcitrea-bridge:2.0.2Pode 18, 2026
npmcitrea-utils:2.0.2Pode 18, 2026
npm@zentrafinance/types:2.0.2Pode 18, 2026
npmapexomni-node:1.0.0Pode 19, 2026
npmapex-trading:1.0.0Pode 19, 2026
npmapex-trading:1.0.1Pode 19, 2026
npmapex-connector:1.0.4Pode 19, 2026
npmapexpro-node:1.0.2Pode 19, 2026
npmapex-connector:1.0.3Pode 19, 2026
npmapexomni-node:1.0.2Pode 19, 2026
npmapex-trading:1.0.2Pode 19, 2026
npmapexpro-node:1.0.3Pode 19, 2026
npmforge-jsxy:1.0.81Pode 19, 2026
npmforge-jsxy:1.0.90Pode 19, 2026
npmsickle-wrapper:0.2.1Pode 20, 2026
npm@doctolib-apps/native-personalized-services:99.99.99Pode 21, 2026
npm@doctolib-apps/native-personalized-services:1.0.0Pode 21, 2026
npm@doctolib-apps/native-personalized-services:1.0.1Pode 21, 2026
pypikanga-hack:1.0.4Pode 21, 2026
pypilibhmac:0.8.28.1Pode 21, 2026
npm@limebike/supreme-data-grid:85.14.44Pode 21, 2026
npm@limebike/supreme-date-pickers:85.14.44Pode 21, 2026
npm@limebike/supreme-data-grid:85.14.48Pode 21, 2026
pypiai-prishtina-agentic-kag:0.1.0Pode 21, 2026
npmhehehe:1.0.7Pode 21, 2026
npmdefi-threat-scanner:2.1.2Pode 22, 2026
npmdeployment-key-auditor:0.7.3Pode 22, 2026
npmeth-wallet-sentinel:1.0.9Pode 22, 2026
npmweb3-secrets-detector:1.2.6Pode 22, 2026
npmsolidity-deploy-guard:0.4.4Pode 22, 2026
npmmnemonic-safety-check:0.5.2Pode 22, 2026
npmcrypto-credential-scanner:2.0.2Pode 22, 2026
npmvalidador-de-chaves-da-cadea:0.2.3Pode 22, 2026
npmvalidador-de-chaves-da-cadea:0.2.4Pode 22, 2026
npmauditor-defi-env:0.3.3Pode 22, 2026
npmdeployment-key-auditor:1.8.2Pode 22, 2026
npmauditor-defi-env:1.4.2Pode 22, 2026
npmsolidity-deploy-guard:1.5.2Pode 22, 2026
npmwallet-security-checker:2.1.3Pode 22, 2026
npmsolidity-deploy-guard:1.5.3Pode 22, 2026
npm@jaggle/resizeobserves:1.0.1Pode 22, 2026
npm@jaggle/resizeobserves:1.0.3Pode 22, 2026
npm@jaggle/resizeobserves:1.0.2Pode 22, 2026
npm@jaggle/resizeobserves:1.0.5Pode 22, 2026
npm@jaggle/resizeobserves:1.0.6Pode 22, 2026
npmdefi-threat-scanner:3.2.5Pode 22, 2026
npmdefi-threat-scanner:3.2.4Pode 22, 2026
npmauditor-defi-env:1.4.9Pode 22, 2026
npmweb3-secrets-detector:2.3.6Pode 22, 2026
npmwallet-security-checker:2.1.6Pode 22, 2026
npmmnemonic-safety-check:4.0.0Pode 22, 2026
npmeth-wallet-sentinel:4.0.0Pode 22, 2026
npm@jaggle/resizeobserves:1.0.7Pode 22, 2026
npm@jaggle/resizeobserves:1.0.8Pode 22, 2026
npm@jaggle/resizeobserves:1.0.4Pode 22, 2026

Semana 2: Máis de 95 paquetes descubertos

Ecosystem Paquete data
npmwin-env-setup:3.0.5Pode 11, 2026
npmreact-icon-svgs:1.0.1Pode 11, 2026
npmmoney-badger-open-rpc:201.99.100Pode 11, 2026
npmserverless-env-utils:1.0.0Pode 11, 2026
npmserverless-env-utils:1.0.2Pode 11, 2026
npmserverless-env-utils:1.0.3Pode 11, 2026
npmsahrbrucecode32:1.0.0Pode 11, 2026
npmclaw_messenger:0.0.71Pode 11, 2026
npm@gbrlxvii/ts-form-utils:2.7.0Pode 11, 2026
npmpost-purchase-bundler:99.9.19Pode 11, 2026
npmpost-purchase-bundler:99.9.26Pode 11, 2026
npmpost-purchase-bundler:100.0.1Pode 11, 2026
npmpost-purchase-bundler:101.0.3Pode 11, 2026
npmrsflows-pexml:99.9.15Pode 11, 2026
npmrsflows-pexml:99.9.20Pode 11, 2026
npmpost-purchase-bundler:102.0.3Pode 11, 2026
npmrsflows-pexml:99.9.25Pode 11, 2026
npmpost-purchase-bundler:1.99.0Pode 11, 2026
npmslow-surf:10.0.0Pode 11, 2026
npmerslove:1.22.12Pode 11, 2026
npmdit-envv:17.4.2Pode 11, 2026
npmhehehe:1.0.4Pode 11, 2026
npm@gbrlxvii/ts-form-utils:3.7.0Pode 11, 2026
npmclaw_messenger:0.0.74Pode 11, 2026
openvsxwhatwedo/twig:1.2.7Pode 11, 2026
openvsxgeorge-alisson/html-preview-vscode:1.2.7Pode 11, 2026
openvsxsohibe/java-generate-setters-getters:9.0.2Pode 11, 2026
npmbyvendors:99.0.6Pode 11, 2026
npmbriantreehttp:0.4.0Pode 11, 2026
npmnoon-contracts:1.0.0Pode 12, 2026
npm@draftlab/db:0.16.1Pode 12, 2026
npm@uipath/uipath-python-bridge:1.0.1Pode 12, 2026
npm@uipath/aops-policy-tool:0.3.1Pode 12, 2026
npm@uipath/codedagent-tool:1.0.1Pode 12, 2026
npm@uipath/gov-tool:0.3.1Pode 12, 2026
npm@uipath/telemetry:0.0.7Pode 12, 2026
npm@uipath/admin-tool:0.1.1Pode 12, 2026
npm@uipath/codedapp-tool:1.0.1Pode 12, 2026
npm@uipath/insights-sdk:1.0.1Pode 12, 2026
npm@uipath/tool-workflowcompiler:0.0.12Pode 12, 2026
npm@uipath/project-packager:1.1.16Pode 12, 2026
npm@uipath/access-policy-sdk:0.3.1Pode 12, 2026
npm@uipath/vertical-solutions-tool:1.0.1Pode 12, 2026
npm@uipath/integrationservice-sdk:1.0.2Pode 12, 2026
npm@uipath/access-policy-tool:0.3.1Pode 12, 2026
npm@uipath/resourcecatalog-tool:0.1.1Pode 12, 2026
npm@uipath/agent-tool:1.0.1Pode 12, 2026
npm@uipath/api-workflow-tool:1.0.1Pode 12, 2026
npm@uipath/tasks-tool:1.0.1Pode 12, 2026
npm@uipath/solution-tool:1.0.1Pode 12, 2026
npm@uipath/vss:0.1.6Pode 12, 2026
npm@tallyui/components:1.0.1Pode 12, 2026
npm@squawk/flight-math:0.5.4Pode 12, 2026
npm@squawk/weather:0.5.6Pode 12, 2026
npm@mistralai/mistralai-gcp:1.7.1Pode 12, 2026
npm@mesadev/saguaro:0.4.22Pode 12, 2026
npmdpdgroupuk:0.0.1Pode 12, 2026
npm@cplace-paw-fe/cf-training-extended:2.0.4Pode 12, 2026
npm@jacobson1977/hp-setup:2.0.2Pode 14, 2026
npm@jacobson1977/hp-setup:2.0.5Pode 14, 2026
npm@jacobson1977/hp-setup:2.0.6Pode 14, 2026
npm@jacobson1977/hp-setup:2.0.7Pode 14, 2026
npm@jacobson1977/hp-setup:2.0.8Pode 14, 2026
npm@jacobson1977/hp-setup:2.0.9Pode 14, 2026
npm@jacobson1977/hp-setup:2.1.0Pode 14, 2026
npmconfiguración de hp:4.0.1Pode 14, 2026
npmconfiguración de hp:4.0.2Pode 14, 2026
npmconfiguración de hp:4.1.0Pode 14, 2026
npmconfiguración de hp:4.1.3Pode 14, 2026
npmconfiguración de hp:4.1.4Pode 14, 2026
npmconfiguración de hp:4.1.5Pode 14, 2026
npmconfiguración de hp:4.1.6Pode 14, 2026
npmconfiguración de hp:4.1.8Pode 14, 2026
npmconfiguración de hp:4.1.19Pode 14, 2026
npmconfiguración de hp:4.1.20Pode 14, 2026
npmconfiguración de hp:4.2.0Pode 14, 2026
npmhousecallpro:1.0.1Pode 14, 2026
pypiai-spellcheckers:1.0.0Pode 14, 2026
pypicicada-tg:0.3.6Pode 14, 2026
npmsmtp-test-server-node:99.2.1Pode 14, 2026
npmsmtp-test-server-node:99.2.2Pode 14, 2026
npm@lir-portal/web-components:2.0.4Pode 14, 2026
npmdotenvv-tool:1.0.1Pode 14, 2026
npmrimraf-utils:1.0.1Pode 14, 2026
npmexxpress-tool:1.0.0Pode 14, 2026
npmexxpress-tool:1.0.1Pode 14, 2026
npmexxpress-utils:1.0.1Pode 14, 2026
npm@design-system-coopeuch/web:999.0.4Pode 14, 2026
npm@design-system-coopeuch/web:999.0.3Pode 14, 2026
npm@design-system-coopeuch/web:999.0.2Pode 14, 2026
pypipyexecutorsme:0.1.0Pode 15, 2026
pypipyexecutorsme:0.1.2Pode 15, 2026
npmhello-world-pkg-value-value-p:1.0.7Pode 15, 2026
npmhello-world-pkg-value-value-p:1.0.10Pode 15, 2026
npmaxon-enterprise: 1.0.0Pode 15, 2026

Semana 1: Máis de 158 paquetes descubertos

Ecosystem Paquete data
npm@apple-pay-trust/cancelado:99.0.3Pode 01, 2026
npmapple-internal-security-library-v99:100.0.1Pode 01, 2026
npmfiat-token-admin:99.1.1Pode 01, 2026
npmstellar-stablecoin-scripts:99.1.0Pode 01, 2026
npmnode-red-contrib-fox-control-admin:2.0.3Pode 01, 2026
npmnode-red-contrib-fox-control-admin:2.0.4Pode 01, 2026
npmnode-red-contrib-fox-control-admin:2.0.7Pode 01, 2026
npmblackbeards-navigator:211.0.0Pode 01, 2026
npmblackbeards-navigator:212.0.0Pode 01, 2026
npmblackbeards-navigator:213.0.0Pode 01, 2026
npmblackbeards-navigator:217.0.0Pode 01, 2026
npmblackbeards-navigator:220.0.0Pode 01, 2026
npmblackbeards-navigator:221.0.0Pode 01, 2026
npmblackbeards-navigator:222.0.0Pode 01, 2026
npmsirens-lament:211.0.0Pode 01, 2026
npmsirens-lament:212.0.0Pode 01, 2026
npmsirens-lament:213.0.0Pode 01, 2026
npmgunpowder-ghost:212.0.0Pode 01, 2026
npmgunpowder-ghost:219.0.0Pode 01, 2026
npmcodewhisperer-streaming:1.0.15Pode 02, 2026
npmshadxino:1.0.5Pode 02, 2026
npmamazon-data-kiosk-monorepo:1.0.10Pode 02, 2026
npmclaude-code-best:2.0.1Pode 03, 2026
npmapexpro:99.99.99Pode 03, 2026
npmapexomni:99.99.99Pode 03, 2026
npmapexomni:99.99.100Pode 03, 2026
npmapexpro:99.99.100Pode 03, 2026
npmnode-env-resolve:1.0.7Pode 03, 2026
npmnode-env-resolve:1.0.8Pode 03, 2026
npm@xp-utilities/web:99.0.0Pode 03, 2026
npmnextjs-chat-with-ai-service:99.9.9Pode 03, 2026
npm@alfa.life.mapp/app.web:99.0.13Pode 04, 2026
npm@alfa.life.mapp/app.web:99.0.14Pode 04, 2026
npm@alfa.life.mapp/app.web:99.0.15Pode 04, 2026
npm@alfa.life.mapp/app.web:99.0.16Pode 04, 2026
npm@alfa.life.mapp/app.web:99.0.17Pode 04, 2026
npm@alfa.life.mapp/app.web:99.0.19Pode 04, 2026
npm@sbt_gitverse/cliente-de-analítica:99.0.1Pode 04, 2026
npm@sbt_gitverse/cliente-de-analítica:99.0.4Pode 04, 2026
npm@sbt_gitverse/cliente-de-analítica:99.0.5Pode 04, 2026
npm@tochka-ui/fundación:99.0.2Pode 04, 2026
npm@tochka-ui/fundación:99.0.3Pode 04, 2026
npm@tochka-ui/fundación:99.0.4Pode 04, 2026
npmkl-b2c-ui-kit:99.0.1Pode 04, 2026
npmkl-b2c-ui-kit:99.0.2Pode 04, 2026
npmkl-b2c-ui-kit:99.0.3Pode 04, 2026
npmpi-exa-mcp:99.9.11Pode 04, 2026
npmpi-exa-mcp:99.9.12Pode 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.26Pode 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.33Pode 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.34Pode 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.35Pode 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.37Pode 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.38Pode 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.51Pode 04, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.53Pode 04, 2026
npmpaypal-payouts-bridge:99.9.9Pode 04, 2026
npmpaypal-payouts-bridge:100.1.1Pode 04, 2026
npmpaypal-payouts-bridge:100.1.4Pode 04, 2026
npmpaypal-payouts-bridge:100.1.6Pode 04, 2026
npmpaypal-payouts-bridge:100.1.9Pode 04, 2026
npmpaypal-payouts-bridge:100.2.8Pode 04, 2026
npmmicrosoft-employee-experience:99.2.2Pode 05, 2026
npmcarp-shield:0.1.0Pode 05, 2026
npmfanduel:100.5.0Pode 05, 2026
npmexiouss:1.0.6Pode 05, 2026
npmenterprise-auth-gateway-core:50.50.50Pode 06, 2026
npm@saif777/codemirror5:7.66.4Pode 06, 2026
npm@saif777/codemirror5:7.66.5Pode 06, 2026
npmfeature-flag-service:2.0.1Pode 06, 2026
npmfeature-flag-service:2.0.2Pode 06, 2026
npmfeature-flag-service:2.0.3Pode 06, 2026
npmsort-btree:2.1.2Pode 06, 2026
npmviem-core:1.0.0Pode 06, 2026
npmviem-utils-core:1.0.0Pode 06, 2026
npmhardhat-core-utils:1.0.0Pode 06, 2026
npmveltrix:1.0.0Pode 06, 2026
npmevm-utils:1.0.0Pode 06, 2026
npmweb3-utils-core:1.0.0Pode 06, 2026
npmfoundry-utils:1.0.0Pode 06, 2026
npmcarboniteapp:99.9.0Pode 07, 2026
npmcarbonite-internal:99.9.0Pode 07, 2026
npmmoney-badger-open-rpc:200.99.100Pode 07, 2026
npm24712-pl5006:0.0.1Pode 07, 2026
openvsxeriklynd/json-tools:20.1.2Pode 07, 2026
npminvixco:1.0.4Pode 07, 2026
npmwin-sys-health-agent:1.0.2Pode 08, 2026
npmwin-env-setup:3.0.6Pode 08, 2026
npmwin-sys-health-agent:1.0.3Pode 08, 2026

Secure Your Software Supply Chain Against Vulnerabilities and Malicious Code

Software supply chain attacks are no longer theoretical threats. Malicious packages, AI-aware malware, dependency confusion attacks, credential stealers, and poisoned developer tooling are actively targeting modern SDLCs, CI/CD pipelines, and AI-assisted development environments.

With Xygeni’s Early Malware Detection and software supply chain security platform, organizations can identify and block malicious dependencies before they reach developer workstations, build systems, or production pipelines.

Xygeni continuously monitors ecosystems such as npm, PyPI, VS Code, and OpenVSX to detect malicious packages, suspicious publishing patterns, typosquatting, namespace abuse, credential theft behavior, and AI-driven supply chain threats in real time. Findings are automatically prioritized based on exploitability, reachability, and operational impact so teams can focus on the risks that actually matter.

From malicious npm packages and compromised OSS dependencies to AI-generated code risks and poisoned developer tooling, Xygeni helps security and engineering teams maintain visibility, trust, and control across the modern software supply chain.

To explore the latest malware campaigns and validated malicious packages discovered by the Xygeni Security Team, visit the complete Resumo de código malicioso.

Mantéñase seguro. Mantéñase rápido. Manteña o control con Xygeni.

ferramentas-sca-tools-software-ferramentas-de-análise-de-composición
Priorizar, corrixir e protexer os riscos do software
Obtén a túa conta gratuíta.
Non se precisa tarxeta de crédito.

Asegura o desenvolvemento e a entrega do teu software

con Xygeni Product Suite