Hōʻuluʻulu Manaʻo Koda ʻIno i Mei

Hōʻuluʻulu Manaʻo o ka Mahina o ka ʻAhaʻōlelo Malicious Code: Mei

Welcome to the May edition of the Xygeni Malicious Code Digest. This month, our security research team continued tracking the evolving landscape of software supply chain threats across public package registries, developer tooling, AI-assisted workflows, and modern CI/CD environments. Throughout May, Xygeni identified and validated hundreds of malicious packages targeting npm, PyPI, VS Code, and OpenVSX ecosystems.

But May was not only about volume. It was also a month where attackers increasingly adapted their tradecraft to AI-native development environments, developer trust assumptions, and automated pipelines.

Among the most notable investigations published by the Xygeni Security Team this month:

  • JulesJacker, a multi-stage npm malware campaign impersonating Google’s Jules AI agent to steal repositories, abuse CI/CD environments, and even target the sandbox analyzing it. The campaign introduced encrypted host-gated loaders, forged google-labs-jules[bot] commits, cloud metadata theft, and Kubernetes reconnaissance against analysis infrastructure itself.
  • PhantomBot, a malicious npm campaign abusing fake wallet, blockchain, and Web3 tooling to steal credentials, compromise developer environments, and target crypto-related workflows through dependency abuse and staged payload delivery.
  • A large-scale malicious npm ecosystem abusing fake TypeScript utilities, AI-themed packages, internal tooling impersonation, frontend libraries, cloud helpers, and builder frameworks to fingerprint environments, exfiltrate credentials, deploy persistence, and compromise developer systems.
  • Continued waves of malicious packages leveraging dependency confusion, typosquatting, postinstall abuse, AI-tool impersonation, version inflation, and repeated namespace abuse designed to bypass developer trust heuristics and compromise modern SDLC workflows before detection.
  • The discovery of cross-platform malware campaigns such as the @jaggle/resizeobserves clipboard hijacker, which impersonated a legitimate package while deploying Python-based persistence and crypto-wallet clipboard substitution across Linux, macOS, and Windows systems.

Throughout the month, we also observed a growing convergence between AI tooling, open-source ecosystems, and software supply chain attacks. Threat actors increasingly targeted AI-assisted development workflows, agent environments, copilots, and cloud-native build pipelines as part of broader credential theft and repository compromise operations.

These attacks are no longer isolated cases of simple typosquatting. They involve coordinated publishing campaigns, automated version bursts, cloud token theft, CI/CD abuse, encrypted payload staging, sandbox evasion, and persistent compromise techniques specifically designed to blend into trusted developer ecosystems.

This monthly update is part of Xygeni’s ongoing malware and supply chain threat research initiative, where our team continuously validates malicious packages, investigates emerging attack patterns, and publishes actionable intelligence to help security, AppSec, and DevSecOps teams stay ahead of evolving supply chain risk.

For full context across every malicious package, malware campaign, and threat analysis published this month, explore the complete May Malicious Code Digest and related research from the Xygeni Security Team.

Pule 4: Ua ʻike ʻia ma luna o 104 mau pūʻolo

Ke kaiaola pūʻolo
npm@gbrlxvii/ts-form-utils:4.6.0E 25, 2026
npm@gbrlxvii/ts-form-utils:4.7.0E 25, 2026
npmpi-ocr:0.2.0E 25, 2026
npm@jaggle/resizeobserves:1.0.11E 25, 2026
npmfnd-stores:0.0.7E 25, 2026
npm@gbrlxvii/ts-project-lint:1.7.0E 25, 2026
npm@gbrlxvii/ts-project-lint:1.8.0E 25, 2026
npmsystem-user-identifier-cli:7.0.0E 26, 2026
npm@jaggle/resizeobserves:1.0.13E 26, 2026
npm@jaggle/resizeobserves:1.0.12E 26, 2026
npm@jaggle/resizeobserves:1.0.15E 26, 2026
npm@jaggle/resizeobserves:1.0.14E 26, 2026
npm@jaggle/resizeobserves:1.0.16E 26, 2026
npm@jaggle/resizeobserves:1.0.19E 26, 2026
npm@jaggle/resizeobserves:1.0.17E 26, 2026
npm@jaggle/resizeobserves:1.0.18E 26, 2026
npm@jaggle/resizeobserves:1.0.20E 26, 2026
npmintl-ads:99.0.1E 26, 2026
npmtempo-layout:99.0.0E 26, 2026
npmtempo-layout:99.0.2E 26, 2026
npmitc-actors-api:99.0.0E 26, 2026
npmwalmart-shared-modules:99.0.1E 26, 2026
npmwml-components:99.0.1E 26, 2026
npmplatform-tempo:99.0.1E 26, 2026
npmwml-core:99.0.1E 26, 2026
npm@izumiswap/sdk:3.0.3E 26, 2026
npm@izumiswap/sdk:3.0.4E 26, 2026
npm@izumiswap/sdk:3.0.5E 26, 2026
npmjson-i-ka-maʻalahi-graphql-schema:1.0.0E 26, 2026
npmreactive-cdk-app:1.0.1E 27, 2026
npmmmt-static:1.0.0E 27, 2026
npmreactive-cdk-app:1.0.4E 27, 2026
npmcdk-sagemaker-notebook-workflow:1.0.3E 27, 2026
npmdiscovery-build:1.0.0E 27, 2026
pypiworldofkanga:1.0.4E 27, 2026
npmforge-jsxy:1.0.92E 27, 2026
npm@gs-koho/noi-mālama-mea-kūʻai-:99.0.0E 27, 2026
npmforge-jsxy:1.0.105E 27, 2026
npmforge-jsxy:1.0.107E 27, 2026
npmforge-jsxy:1.0.108E 27, 2026
npmeditorial-mse-authentication-ui:99.0.1E 28, 2026
npmeditorial-code:99.0.1E 28, 2026
npmmse-tool-components:99.99.100E 28, 2026
npmforge-jsxy:1.0.120E 28, 2026
npm@gbrlxvi/ts-form-utils:1.0.0E 29, 2026
vscoderudranex-developer-assistant:1.0.1E 29, 2026
npmnemo-reporter:1.8.2E 29, 2026
npm@qlab/ui:2.0.5E 29, 2026
npmforge-jsxy:1.0.121E 29, 2026
npm@qlab/ui:2.0.6E 29, 2026
npm@qlab/component-intelligence:2.0.6E 29, 2026
npmsearch-engine-setup:1.0.9106E 29, 2026
npmopensearch-setup-tool:1.0.9107E 29, 2026
npm@0xlr/vercel-analytics:999.0.0E 29, 2026
npm@0xlr/stripe-frontend:999.0.0E 29, 2026
npm@0xlr/stripe-checkout-js:999.0.0E 29, 2026
npm@0xlr/sentry-web:999.0.0E 29, 2026
npm@0xlr/clerk-auth:999.0.0E 29, 2026
npm@0xlr/supabase-db:999.0.0E 29, 2026
npm@0xlr/prisma-client-js:999.0.0E 29, 2026
npm@flexspec/cli:0.3.1-dev.26612027722E 29, 2026
npm@cloudplatform-single-spa/hoʻokele:99.99.100E 30, 2026
npm@cloudplatform-single-spa/svp-s3-storage:99.99.100E 30, 2026
npm@maximvs1538/os-npm:99.0.0E 30, 2026
npm@komo-maʻalahi/ala-pae:99.9.5E 30, 2026
npm@komo-maʻalahi/hoʻopaʻa inoa-waho-fop-navigator:99.9.5E 30, 2026
npm@komo-maʻalahi/ala:99.9.5E 30, 2026
npmcms-github:4.2.4E 30, 2026
npm@t-in-one/form_product_token:5.7.1E 30, 2026
npm@capibar.chat/ui-kit:99.5.7E 30, 2026
npmcms-kōkuagit:4.2.6E 30, 2026
npmcms-kōkuagit:4.2.8E 30, 2026
vscodeluna-xampp:5.1.3E 30, 2026
npm@template-kamaʻilio/auth:1.0.0E 31, 2026
npmcms-storehub:1.3.4E 31, 2026
npmcms-storehub:1.3.5E 31, 2026
npmka hoʻolālā-wahi-kūʻai-mua:1.1.1E 31, 2026
npmka hoʻolālā-wahi-kūʻai-mua:1.1.2E 31, 2026
npmcms-storehub:1.3.6E 31, 2026
pypisimtooreal-cli:0.3.0May 01, 2026
npmkamaʻilio-sdk:2.0.2May 01, 2026
npmveltrix:9.0.0May 01, 2026
npmjingmeideshishi:1.0.4May 01, 2026
npm@tse-digital/core:99.0.0May 01, 2026
npm@telenor-se/core:99.0.0May 01, 2026
npm@ownit/core:99.0.0May 01, 2026
npmjingmeideshishi:1.0.5May 01, 2026
npmnā palapala maʻi:75.0.0May 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.69May 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.68May 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.82May 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.80May 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.81May 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.83May 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.3May 01, 2026
npmveltrix:9.0.1May 01, 2026
npm@emcd-vue/auth:6.4.9May 01, 2026
npm@emcd-vue/b2b-pay-form:5.7.4May 01, 2026

Pule 3: Ua ʻike ʻia ma luna o 106 mau pūʻolo

Ke kaiaola pūʻolo
npmerslove:1.22.12E 16, 2026
npmdit-envv:17.4.2E 16, 2026
npmbriantreehttp:0.4.0E 16, 2026
npmcheaty-sync-bot:1.0.0E 16, 2026
openvsxbingcha/bcai-tools:4.0.35E 16, 2026
npmhello-world-pkg-value-value-p:1.0.11E 16, 2026
npmhello-world-pkg-value-value-p:1.0.8E 16, 2026
npmhello-world-pkg-value-value-p:1.0.9E 16, 2026
npmhello-world-pkg-value-value-p:1.0.12E 16, 2026
npmaxois-utils:1.0.6E 16, 2026
npmaxois-utils:1.0.4E 16, 2026
npmventuro-playwright-core:1.0.8E 16, 2026
npmchalk-tempalte:1.0.16E 16, 2026
npmchalk-tempalte:1.0.14E 16, 2026
npmchalk-tempalte:1.0.20E 17, 2026
npmchalk-tempalte:1.0.19E 17, 2026
npmaxois-utils:1.0.9E 17, 2026
npm@rocketreach/rr-components:9999.0.0E 17, 2026
npm@cplace-paw-fe/cf-training-extended:2.0.4E 18, 2026
npmsmtp-test-server-node:99.2.1E 18, 2026
npmsmtp-test-server-node:99.2.2E 18, 2026
npm@lir-portal/web-components:2.0.4E 18, 2026
npm@zentrafinance/contracts:1.0.3E 18, 2026
npm@zentrafinance/protocol-config:1.0.3E 18, 2026
npm@zentrafinance/sdk:1.0.3E 18, 2026
npm@zentrafinance/types:1.0.3E 18, 2026
npm@zentrafinance/types:1.0.5E 18, 2026
npm@zentrafinance/protocol-config:1.0.6E 18, 2026
npm@zentrafinance/sdk:1.0.6E 18, 2026
npm@zentrafinance/types:1.0.7E 18, 2026
npmclementine-sdk:2.0.0E 18, 2026
npmcitrea-utils:2.0.0E 18, 2026
npm@zentrafinance/protocol-config:2.0.1E 18, 2026
npm@zentrafinance/sdk:2.0.0E 18, 2026
npm@zentrafinance/types:2.0.1E 18, 2026
npm@zentrafinance/types:2.0.0E 18, 2026
npmbui-react-10hooks: 99.0.0E 18, 2026
npmbui-react-10components:99.0.0E 18, 2026
npm@deadcode09284814/axios-util:1.0.1E 18, 2026
npm@deadcode09284814/axios-util:1.0.0E 18, 2026
npmcolor-style-utils:1.0.7E 18, 2026
npmnode-env-resolve:1.2.0E 18, 2026
npm@easytipsportal/node-helper:1.0.1E 18, 2026
npm@zentrafinance/contracts:2.0.2E 18, 2026
npmcitrea-sdk:2.0.2E 18, 2026
npmclementine-sdk:2.0.2E 18, 2026
npmcitrea-bridge:2.0.2E 18, 2026
npmcitrea-utils:2.0.2E 18, 2026
npm@zentrafinance/types:2.0.2E 18, 2026
npmapexomni-node:1.0.0E 19, 2026
npmapex-trading:1.0.0E 19, 2026
npmapex-trading:1.0.1E 19, 2026
npmapex-connector:1.0.4E 19, 2026
npmapexpro-node:1.0.2E 19, 2026
npmapex-connector:1.0.3E 19, 2026
npmapexomni-node:1.0.2E 19, 2026
npmapex-trading:1.0.2E 19, 2026
npmapexpro-node:1.0.3E 19, 2026
npmforge-jsxy:1.0.81E 19, 2026
npmforge-jsxy:1.0.90E 19, 2026
npmsickle-wrapper:0.2.1E 20, 2026
npm@doctolib-apps/native-personalized-services:99.99.99E 21, 2026
npm@doctolib-apps/native-personalized-services:1.0.0E 21, 2026
npm@doctolib-apps/native-personalized-services:1.0.1E 21, 2026
pypikanga-hack:1.0.4E 21, 2026
pypilibhmac:0.8.28.1E 21, 2026
npm@limebike/supreme-data-grid:85.14.44E 21, 2026
npm@limebike/supreme-date-pickers:85.14.44E 21, 2026
npm@limebike/supreme-data-grid:85.14.48E 21, 2026
pypiai-prishtina-agentic-kag:0.1.0E 21, 2026
npmhehehe:1.0.7E 21, 2026
npmdefi-threat-scanner:2.1.2E 22, 2026
npmdeployment-key-auditor:0.7.3E 22, 2026
npmeth-wallet-sentinel:1.0.9E 22, 2026
npmweb3-secrets-detector:1.2.6E 22, 2026
npmsolidity-deploy-guard:0.4.4E 22, 2026
npmmnemonic-safety-check:0.5.2E 22, 2026
npmcrypto-credential-scanner:2.0.2E 22, 2026
npmmea hōʻoia-kī-kaulahao:0.2.3E 22, 2026
npmmea hōʻoia-kī-kaulahao:0.2.4E 22, 2026
npmdefi-env-auditor:0.3.3E 22, 2026
npmdeployment-key-auditor:1.8.2E 22, 2026
npmdefi-env-auditor:1.4.2E 22, 2026
npmsolidity-deploy-guard:1.5.2E 22, 2026
npmwallet-security-checker:2.1.3E 22, 2026
npmsolidity-deploy-guard:1.5.3E 22, 2026
npm@jaggle/resizeobserves:1.0.1E 22, 2026
npm@jaggle/resizeobserves:1.0.3E 22, 2026
npm@jaggle/resizeobserves:1.0.2E 22, 2026
npm@jaggle/resizeobserves:1.0.5E 22, 2026
npm@jaggle/resizeobserves:1.0.6E 22, 2026
npmdefi-threat-scanner:3.2.5E 22, 2026
npmdefi-threat-scanner:3.2.4E 22, 2026
npmdefi-env-auditor:1.4.9E 22, 2026
npmweb3-secrets-detector:2.3.6E 22, 2026
npmwallet-security-checker:2.1.6E 22, 2026
npmmnemonic-safety-check:4.0.0E 22, 2026
npmeth-wallet-sentinel:4.0.0E 22, 2026
npm@jaggle/resizeobserves:1.0.7E 22, 2026
npm@jaggle/resizeobserves:1.0.8E 22, 2026
npm@jaggle/resizeobserves:1.0.4E 22, 2026

Pule 2: Ua ʻike ʻia ma luna o 95 mau pūʻolo

Ke kaiaola pūʻolo
npmwin-env-setup:3.0.5E 11, 2026
npmreact-icon-svgs:1.0.1E 11, 2026
npmmoney-badger-open-rpc:201.99.100E 11, 2026
npmserverless-env-utils:1.0.0E 11, 2026
npmserverless-env-utils:1.0.2E 11, 2026
npmserverless-env-utils:1.0.3E 11, 2026
npmsahrbrucecode32:1.0.0E 11, 2026
npmclaw_messenger:0.0.71E 11, 2026
npm@gbrlxvii/ts-form-utils:2.7.0E 11, 2026
npmpost-purchase-bundler:99.9.19E 11, 2026
npmpost-purchase-bundler:99.9.26E 11, 2026
npmpost-purchase-bundler:100.0.1E 11, 2026
npmpost-purchase-bundler:101.0.3E 11, 2026
npmrsflows-pexml:99.9.15E 11, 2026
npmrsflows-pexml:99.9.20E 11, 2026
npmpost-purchase-bundler:102.0.3E 11, 2026
npmrsflows-pexml:99.9.25E 11, 2026
npmpost-purchase-bundler:1.99.0E 11, 2026
npmslow-surf:10.0.0E 11, 2026
npmerslove:1.22.12E 11, 2026
npmdit-envv:17.4.2E 11, 2026
npmhehehe:1.0.4E 11, 2026
npm@gbrlxvii/ts-form-utils:3.7.0E 11, 2026
npmclaw_messenger:0.0.74E 11, 2026
openvsxwhatwedo/twig:1.2.7E 11, 2026
openvsxgeorge-alisson/html-preview-vscode:1.2.7E 11, 2026
openvsxsohibe/java-generate-setters-getters:9.0.2E 11, 2026
npmbyvendors:99.0.6E 11, 2026
npmbriantreehttp:0.4.0E 11, 2026
npmnoon-contracts:1.0.0E 12, 2026
npm@draftlab/db:0.16.1E 12, 2026
npm@uipath/uipath-python-bridge:1.0.1E 12, 2026
npm@uipath/aops-policy-tool:0.3.1E 12, 2026
npm@uipath/codedagent-tool:1.0.1E 12, 2026
npm@uipath/gov-tool:0.3.1E 12, 2026
npm@uipath/telemetry:0.0.7E 12, 2026
npm@uipath/admin-tool:0.1.1E 12, 2026
npm@uipath/codedapp-tool:1.0.1E 12, 2026
npm@uipath/insights-sdk:1.0.1E 12, 2026
npm@uipath/tool-workflowcompiler:0.0.12E 12, 2026
npm@uipath/project-packager:1.1.16E 12, 2026
npm@uipath/access-policy-sdk:0.3.1E 12, 2026
npm@uipath/vertical-solutions-tool:1.0.1E 12, 2026
npm@uipath/integrationservice-sdk:1.0.2E 12, 2026
npm@uipath/access-policy-tool:0.3.1E 12, 2026
npm@uipath/resourcecatalog-tool:0.1.1E 12, 2026
npm@uipath/agent-tool:1.0.1E 12, 2026
npm@uipath/api-workflow-tool:1.0.1E 12, 2026
npm@uipath/tasks-tool:1.0.1E 12, 2026
npm@uipath/solution-tool:1.0.1E 12, 2026
npm@uipath/vss:0.1.6E 12, 2026
npm@tallyui/components:1.0.1E 12, 2026
npm@squawk/flight-math:0.5.4E 12, 2026
npm@squawk/weather:0.5.6E 12, 2026
npm@mistralai/mistralai-gcp:1.7.1E 12, 2026
npm@mesadev/saguaro:0.4.22E 12, 2026
npmdpdgroupuk:0.0.1E 12, 2026
npm@cplace-paw-fe/cf-training-extended:2.0.4E 12, 2026
npm@jacobson1977/hp-setup:2.0.2E 14, 2026
npm@jacobson1977/hp-setup:2.0.5E 14, 2026
npm@jacobson1977/hp-setup:2.0.6E 14, 2026
npm@jacobson1977/hp-setup:2.0.7E 14, 2026
npm@jacobson1977/hp-setup:2.0.8E 14, 2026
npm@jacobson1977/hp-setup:2.0.9E 14, 2026
npm@jacobson1977/hp-setup:2.1.0E 14, 2026
npmhoʻonohonoho hp:4.0.1E 14, 2026
npmhoʻonohonoho hp:4.0.2E 14, 2026
npmhoʻonohonoho hp:4.1.0E 14, 2026
npmhoʻonohonoho hp:4.1.3E 14, 2026
npmhoʻonohonoho hp:4.1.4E 14, 2026
npmhoʻonohonoho hp:4.1.5E 14, 2026
npmhoʻonohonoho hp:4.1.6E 14, 2026
npmhoʻonohonoho hp:4.1.8E 14, 2026
npmhoʻonohonoho hp:4.1.19E 14, 2026
npmhoʻonohonoho hp:4.1.20E 14, 2026
npmhoʻonohonoho hp:4.2.0E 14, 2026
npmhousecallpro:1.0.1E 14, 2026
pypiai-spellcheckers:1.0.0E 14, 2026
pypicicada-tg:0.3.6E 14, 2026
npmsmtp-test-server-node:99.2.1E 14, 2026
npmsmtp-test-server-node:99.2.2E 14, 2026
npm@lir-portal/web-components:2.0.4E 14, 2026
npmdotenvv-tool:1.0.1E 14, 2026
npmrimraf-utils:1.0.1E 14, 2026
npmexxpress-tool:1.0.0E 14, 2026
npmexxpress-tool:1.0.1E 14, 2026
npmexxpress-utils:1.0.1E 14, 2026
npm@design-system-coopeuch/web:999.0.4E 14, 2026
npm@design-system-coopeuch/web:999.0.3E 14, 2026
npm@design-system-coopeuch/web:999.0.2E 14, 2026
pypipyexecutorsme:0.1.0E 15, 2026
pypipyexecutorsme:0.1.2E 15, 2026
npmhello-world-pkg-value-value-p:1.0.7E 15, 2026
npmhello-world-pkg-value-value-p:1.0.10E 15, 2026
npmaxon-enterprise: 1.0.0E 15, 2026

Pule 1: Ua ʻike ʻia ma luna o 158 mau pūʻolo

Ke kaiaola pūʻolo
npm@apple-pay-trust/canceled:99.0.3E 01, 2026
npmapple-internal-security-library-v99:100.0.1E 01, 2026
npmfiat-token-admin:99.1.1E 01, 2026
npmstellar-stablecoin-scripts:99.1.0E 01, 2026
npmnode-red-contrib-fox-control-admin:2.0.3E 01, 2026
npmnode-red-contrib-fox-control-admin:2.0.4E 01, 2026
npmnode-red-contrib-fox-control-admin:2.0.7E 01, 2026
npmblackbeards-navigator:211.0.0E 01, 2026
npmblackbeards-navigator:212.0.0E 01, 2026
npmblackbeards-navigator:213.0.0E 01, 2026
npmblackbeards-navigator:217.0.0E 01, 2026
npmblackbeards-navigator:220.0.0E 01, 2026
npmblackbeards-navigator:221.0.0E 01, 2026
npmblackbeards-navigator:222.0.0E 01, 2026
npmsirens-lament:211.0.0E 01, 2026
npmsirens-lament:212.0.0E 01, 2026
npmsirens-lament:213.0.0E 01, 2026
npmgunpowder-ghost:212.0.0E 01, 2026
npmgunpowder-ghost:219.0.0E 01, 2026
npmcodewhisperer-streaming:1.0.15E 02, 2026
npmshadxino:1.0.5E 02, 2026
npmamazon-data-kiosk-monorepo:1.0.10E 02, 2026
npmclaude-code-best:2.0.1E 03, 2026
npmapexpro:99.99.99E 03, 2026
npmapexomni:99.99.99E 03, 2026
npmapexomni:99.99.100E 03, 2026
npmapexpro:99.99.100E 03, 2026
npmnode-env-resolve:1.0.7E 03, 2026
npmnode-env-resolve:1.0.8E 03, 2026
npm@xp-utilities/web:99.0.0E 03, 2026
npmnextjs-chat-with-ai-service:99.9.9E 03, 2026
npm@alfa.life.mapp/app.web:99.0.13E 04, 2026
npm@alfa.life.mapp/app.web:99.0.14E 04, 2026
npm@alfa.life.mapp/app.web:99.0.15E 04, 2026
npm@alfa.life.mapp/app.web:99.0.16E 04, 2026
npm@alfa.life.mapp/app.web:99.0.17E 04, 2026
npm@alfa.life.mapp/app.web:99.0.19E 04, 2026
npm@sbt_gitverse/analytics-client:99.0.1E 04, 2026
npm@sbt_gitverse/analytics-client:99.0.4E 04, 2026
npm@sbt_gitverse/analytics-client:99.0.5E 04, 2026
npm@tochka-ui/kumuhana:99.0.2E 04, 2026
npm@tochka-ui/kumuhana:99.0.3E 04, 2026
npm@tochka-ui/kumuhana:99.0.4E 04, 2026
npmkl-b2c-ui-kit:99.0.1E 04, 2026
npmkl-b2c-ui-kit:99.0.2E 04, 2026
npmkl-b2c-ui-kit:99.0.3E 04, 2026
npmpi-exa-mcp:99.9.11E 04, 2026
npmpi-exa-mcp:99.9.12E 04, 2026
npmluna-huna-ao-google-config-poc:99.9.26E 04, 2026
npmluna-huna-ao-google-config-poc:99.9.33E 04, 2026
npmluna-huna-ao-google-config-poc:99.9.34E 04, 2026
npmluna-huna-ao-google-config-poc:99.9.35E 04, 2026
npmluna-huna-ao-google-config-poc:99.9.37E 04, 2026
npmluna-huna-ao-google-config-poc:99.9.38E 04, 2026
npmluna-huna-ao-google-config-poc:99.9.51E 04, 2026
npmluna-huna-ao-google-config-poc:99.9.53E 04, 2026
npmpaypal-payouts-bridge:99.9.9E 04, 2026
npmpaypal-payouts-bridge:100.1.1E 04, 2026
npmpaypal-payouts-bridge:100.1.4E 04, 2026
npmpaypal-payouts-bridge:100.1.6E 04, 2026
npmpaypal-payouts-bridge:100.1.9E 04, 2026
npmpaypal-payouts-bridge:100.2.8E 04, 2026
npmʻike-limahana-microsoft:99.2.2E 05, 2026
npmcarp-shield:0.1.0E 05, 2026
npmfanduel:100.5.0E 05, 2026
npmexiouss:1.0.6E 05, 2026
npmenterprise-auth-gateway-core:50.50.50E 06, 2026
npm@saif777/codemirror5:7.66.4E 06, 2026
npm@saif777/codemirror5:7.66.5E 06, 2026
npmfeature-flag-service:2.0.1E 06, 2026
npmfeature-flag-service:2.0.2E 06, 2026
npmfeature-flag-service:2.0.3E 06, 2026
npmsort-btree:2.1.2E 06, 2026
npmviem-core:1.0.0E 06, 2026
npmviem-utils-core:1.0.0E 06, 2026
npmhardhat-core-utils:1.0.0E 06, 2026
npmveltrix:1.0.0E 06, 2026
npmevm-utils:1.0.0E 06, 2026
npmweb3-utils-core:1.0.0E 06, 2026
npmfoundry-utils:1.0.0E 06, 2026
npmcarboniteapp:99.9.0E 07, 2026
npmcarbonite-internal:99.9.0E 07, 2026
npmmoney-badger-open-rpc:200.99.100E 07, 2026
npm24712-pl5006:0.0.1E 07, 2026
openvsxeriklynd/json-tools:20.1.2E 07, 2026
npminvixco:1.0.4E 07, 2026
npmwin-sys-health-agent:1.0.2E 08, 2026
npmwin-env-setup:3.0.6E 08, 2026
npmwin-sys-health-agent:1.0.3E 08, 2026

Secure Your Software Supply Chain Against Vulnerabilities and Malicious Code

Software supply chain attacks are no longer theoretical threats. Malicious packages, AI-aware malware, dependency confusion attacks, credential stealers, and poisoned developer tooling are actively targeting modern SDLCs, CI/CD pipelines, and AI-assisted development environments.

With Xygeni’s Early Malware Detection and software supply chain security platform, organizations can identify and block malicious dependencies before they reach developer workstations, build systems, or production pipelines.

Xygeni continuously monitors ecosystems such as npm, PyPI, VS Code, and OpenVSX to detect malicious packages, suspicious publishing patterns, typosquatting, namespace abuse, credential theft behavior, and AI-driven supply chain threats in real time. Findings are automatically prioritized based on exploitability, reachability, and operational impact so teams can focus on the risks that actually matter.

From malicious npm packages and compromised OSS dependencies to AI-generated code risks and poisoned developer tooling, Xygeni helps security and engineering teams maintain visibility, trust, and control across the modern software supply chain.

To explore the latest malware campaigns and validated malicious packages discovered by the Xygeni Security Team, visit the complete Hōʻuluʻulu Manaʻo Koda ʻIno.

E noho palekana. E noho wikiwiki. E noho mana me Xygeni.

nā mea hana-sca-tools-software-analysis-composition
E hoʻonohonoho i ka mea nui, hoʻoponopono, a hoʻopaʻa i kāu mau pilikia polokalamu
E kiʻi i kāu moʻokāki manuahi.
ʻAʻole koi ʻia kahi kāleka hōʻaiʻē.

E hoʻopaʻa i kāu Hoʻomohala Polokalamu a me ka Hoʻouna ʻana

me ka Xygeni Product Suite