Rezime Kòd Malveyan 73

Rezime Kòd Malveyan Xygeni 73

Prèske chak semèn, sistèm deteksyon malveyan nou yo eskane plizyè milye pakè nouvo ak pakè mete ajou atravè rejis piblik tankou npm ak PyPI. Semèn sa a te trè aktif.

Nou konfime 198 pakè move, sitou atravè npm, ak lòt ka nan ekstansyon PyPI, OpenVSX, Composer, ak VS Code. Plizyè te parèt nan gwoup kowòdone, ak plizyè vèsyon move pibliye anba menm non yo oswa atravè fanmi pake ki gen rapò sere. Yon ka remakab se te sensivity pake a, ki te anvayi npm ak plis pase 60 vèsyon atravè seri 2.5.x la. Gen lòt gwoupman remakab ki te enkli ai-sdk-helpers (8 vèsyon ki vize devlopè IA), @antoncallahan/aws-user-helper (7 vèsyon ki imite yon sèvis piblik AWS), @apple-pay-trust ta dwe apwouve bèso tibebe w la epi @google-pay-trust fanmi yo (ki imite modil peman kesye yo), @frengki0707/google-cloud-clone (5 vèsyon ki imite Google Cloud), epi cms-storehub, cms-helpgit, epi cms-github (ki vize CMS pipelines). Anpil pakè te imite modil peman ak kesye, enterprise ak pakè entènèt entèn, kliyan analiz, fondasyon koòdone itilizatè, sèvis piblik pou devlopè, eksploratè konpozan, pakè ki gen tèm nwaj ak Google, ak lòt modil yo souvan fè konfyans nan workflows devlopman modèn yo.

Sa yo pa t anomali izole. Sa ki te make semèn sa a se kantite piblikasyon repete sou menm fanmi pakè yo, reyitilizasyon modèl nonmen yo, ak fason pakè move yo te degize pou yo sanble ak depandans lejitim nan livrezon lojisyèl reyèl. pipelines.

Aperçu chak semèn sa a fè pati Malicious Code Digest nou an, kote nou valide nouvo menas yo epi bay entèlijans aksyonab pou ede ekip DevSecOps yo pwoteje tèt yo. pipelines anvan domaj la rive.

Ann analize sa nou te jwenn semèn sa a epi poukisa li enpòtan.

Pakè move konfime
Ekosistèm Pake Dat
npm@cloudplatform-single-spa/administrasyon:99.99.100Se pou 30, 2026
npm@cloudplatform-single-spa/svp-s3-storage:99.99.100Se pou 30, 2026
npm@maximvs1538/os-npm:99.0.0Se pou 30, 2026
npm@fasil-antre/wout-aterisaj:99.9.5Se pou 30, 2026
npm@antre-fasil/deyò-enskripsyon-fop-navigatè:99.9.5Se pou 30, 2026
npm@fasil-antre/wout:99.9.5Se pou 30, 2026
npm@t-in-one/form_product_token:5.7.1Se pou 30, 2026
npm@capibar.chat/ui-kit:99.5.7Se pou 30, 2026
vskodxampp-manadjè:5.1.3Se pou 30, 2026
npm@chat-model/otorizasyon:1.0.0Se pou 31, 2026
npmjson-an-senp-graphql-schema:1.0.0Jun 1, 2026
npm@gs-select/aplikasyon-kliyan-ekonomi:99.0.0Jun 1, 2026
npmnemo-repòtè:1.8.2Jun 1, 2026
npmcms-github:4.2.4Jun 1, 2026
npmcms-helpgit:4.2.6Jun 1, 2026
npmcms-helpgit:4.2.8Jun 1, 2026
npmcms-storehub:1.3.4Jun 1, 2026
npmcms-storehub:1.3.5Jun 1, 2026
npmcms-storehub:1.3.6Jun 1, 2026
pypisimtooreal-cli:0.3.0Jun 1, 2026
npmestrateji-kote-komèsyal-komèsyal-frontend:1.1.1Jun 1, 2026
npmestrateji-kote-komèsyal-komèsyal-frontend:1.1.2Jun 1, 2026
npmkonvèsa-sdk:2.0.2Jun 1, 2026
npmveltrix:9.0.0Jun 1, 2026
npmveltrix:9.0.1Jun 1, 2026
npmjingmeideshishi:1.0.4Jun 1, 2026
npmjingmeideshishi:1.0.5Jun 1, 2026
npm@tse-digital/nwayo:99.0.0Jun 1, 2026
npm@telenor-se/nwayo:99.0.0Jun 1, 2026
npm@ownit/nwayo:99.0.0Jun 1, 2026
npmdokiman pasyan: 75.0.0Jun 1, 2026
npm@antoncallahan/aws-user-helper:6767.67.69Jun 1, 2026
npm@antoncallahan/aws-user-helper:6767.67.68Jun 1, 2026
npm@antoncallahan/aws-user-helper:6767.67.82Jun 1, 2026
npm@antoncallahan/aws-user-helper:6767.67.80Jun 1, 2026
npm@antoncallahan/aws-user-helper:6767.67.81Jun 1, 2026
npm@antoncallahan/aws-user-helper:6767.67.83Jun 1, 2026
npm@antoncallahan/aws-user-helper:6767.67.3Jun 1, 2026
npm@emcd-vue/otorizasyon:6.4.9Jun 1, 2026
npm@emcd-vue/b2b-pay-form:5.7.4Jun 1, 2026
npm@ccrm/user-storage-api-axios:5.0.1Jun 2, 2026
npmsansiblite: 2.5.8Jun 2, 2026
npmsansiblite: 2.5.12Jun 2, 2026
npmsansiblite: 2.5.16Jun 2, 2026
npmsansiblite: 2.5.17Jun 2, 2026
npmsansiblite: 2.5.18Jun 2, 2026
npmsansiblite: 2.5.19Jun 2, 2026
npmsansiblite: 2.5.20Jun 2, 2026
npmsansiblite: 2.5.21Jun 2, 2026
npmsansiblite: 2.5.22Jun 2, 2026
npmsansiblite: 2.5.23Jun 2, 2026
npmsansiblite: 2.5.24Jun 2, 2026
npmsansiblite: 2.5.25Jun 2, 2026
npmsansiblite: 2.5.26Jun 2, 2026
npmsansiblite: 2.5.27Jun 2, 2026
npmsansiblite: 2.5.28Jun 2, 2026
npmsansiblite: 2.5.29Jun 2, 2026
npmsansiblite: 2.5.30Jun 2, 2026
npmsansiblite: 2.5.31Jun 2, 2026
npmsansiblite: 2.5.32Jun 2, 2026
npmsansiblite: 2.5.41Jun 2, 2026
npmsansiblite: 2.5.42Jun 2, 2026
npmsansiblite: 2.5.43Jun 2, 2026
npmsansiblite: 2.5.44Jun 2, 2026
npmsansiblite: 2.5.45Jun 2, 2026
npmsansiblite: 2.5.46Jun 2, 2026
npmmeoo-ui-helpers:1.0.1Jun 2, 2026
npm@langgraphjs/zouti:1.2.10Jun 2, 2026
npmeyevox:9.0.1Jun 2, 2026
npmsansiblite: 2.5.53Jun 3, 2026
npmsansiblite: 2.5.54Jun 3, 2026
npmsansiblite: 2.5.55Jun 3, 2026
npmsansiblite: 2.5.56Jun 3, 2026
npmsansiblite: 2.5.57Jun 3, 2026
npmsansiblite: 2.5.61Jun 3, 2026
npm@sentry-browser-sdk/profiling-node:1.0.1Jun 4, 2026
npm@sentry-browser-sdk/profiling-node:1.0.2Jun 4, 2026
npm@sentry-browser-sdk/profiling-node:1.0.5Jun 4, 2026
npmsèvis pou ranmase lajan:1.0.0Jun 4, 2026
npmsansiblite: 2.5.67Jun 4, 2026
npmsansiblite: 2.5.68Jun 4, 2026
npmvg-entèraksyon-modèl:40.0.5Jun 4, 2026
npmentènlib_v346:1.0.3Jun 4, 2026
npmentènlib_v346:1.0.5Jun 4, 2026
npmentènlib_v346:1.0.9Jun 4, 2026
npmai-sdk-helpers:0.2.1Jun 4, 2026
npmai-sdk-helpers:0.3.0Jun 4, 2026
npmai-sdk-helpers:0.3.1Jun 4, 2026
npmai-sdk-helpers:1.1.0Jun 4, 2026
npmai-sdk-helpers:1.1.1Jun 4, 2026
npmai-sdk-helpers:1.3.0Jun 4, 2026
npmai-sdk-helpers:1.4.0Jun 4, 2026
npmai-sdk-helpers:1.4.2Jun 4, 2026
npm@achuthvp/postinstall-poc:1.0.3Jun 4, 2026
npmsansiblite: 2.5.0Jun 5, 2026
npmsansiblite: 2.5.1Jun 5, 2026
npmsansiblite: 2.5.2Jun 5, 2026
npmsansiblite: 2.5.3Jun 5, 2026
npmsansiblite: 2.5.4Jun 5, 2026
npmsansiblite: 2.5.5Jun 5, 2026
npmsansiblite: 2.5.13Jun 5, 2026
npmsansiblite: 2.5.14Jun 5, 2026
npmsansiblite: 2.5.15Jun 5, 2026
npmsansiblite: 2.5.33Jun 5, 2026
npmsansiblite: 2.5.34Jun 5, 2026
npmsansiblite: 2.5.35Jun 5, 2026
npmsansiblite: 2.5.36Jun 5, 2026
npmsansiblite: 2.5.37Jun 5, 2026
npmsansiblite: 2.5.38Jun 5, 2026
npmsansiblite: 2.5.58Jun 5, 2026
npmsansiblite: 2.5.59Jun 5, 2026
npmsansiblite: 2.5.60Jun 5, 2026
npmsansiblite: 2.5.62Jun 5, 2026
npmsansiblite: 2.5.63Jun 5, 2026
npmsansiblite: 2.5.64Jun 5, 2026
npmsansiblite: 2.5.65Jun 5, 2026
npmsansiblite: 2.5.66Jun 5, 2026
npmsansiblite: 2.5.69Jun 5, 2026


Pwoteje Depandans Sous Louvri ou yo kont Vilnerabilite ak Kòd Move

Pa kite pakè move yo rive lakay ou. pipelines. Deteksyon bonè lojisyèl malveyan Xygeni bay ekip ou a vizibilite an tan reyèl sou menas ki pi enpòtan yo, li detekte depandans danjere yo anvan menm yo touche lojisyèl ou a.

Jan rezime semèn sa a montre aklè, volim ak sofistikasyon kanpay pakè move yo pa ralanti. Inondasyon vèsyon kowòdone, imitasyon modil peman, ak non pakè ki sonnen entèn se jis kèk nan taktik atakè yo ap itilize pou pase. standard defans. Pou ou pran devan menas sa yo, sa mande plis pase odit peryodik, sa mande siveyans kontinyèl nan tout rejis ekip ou yo depann de yo.

Xygeni a Open Source Security Solisyon an analize epi bloke pakè danjere yo nan pwen piblikasyon an, atravè npm, PyPI, ak pi lwen. Lè li bay priyorite kontèksyalman a vilnerabilite ki poze pi gwo risk reyèl la (epi senplifye chemen remèdyasyon an pou ekip DevSecOps ou yo), Xygeni ede ou kenbe yon livrezon lojisyèl an sekirite ak fyab san ralanti devlopman.

zouti-lojisyèl-sca-tools-konpozisyon-analiz-zouti
Priyorize, korije, epi pwoteje risk lojisyèl ou yo
Jwenn Kont Gratui ou.
Pa gen kat kredi obligatwa.

Pwoteje Devlopman ak Livrezon Lojisyèl ou

avèk Xygeni Product Suite