दुर्भावनापूर्ण कोड डायजेस्ट मे

मालवेअर कोड डायजेस्ट मासिक आढावा: मे

अनुक्रमणिका

अवश्य वाचा

नवीनतम मनोरंजक पोस्ट्स

Welcome to the May edition of the Xygeni Malicious Code Digest. This month, our security research team continued tracking the evolving landscape of software supply chain threats across public package registries, developer tooling, AI-assisted workflows, and modern CI/CD environments. Throughout May, Xygeni identified and validated hundreds of malicious packages targeting npm, PyPI, VS Code, and OpenVSX ecosystems.

But May was not only about volume. It was also a month where attackers increasingly adapted their tradecraft to AI-native development environments, developer trust assumptions, and automated pipelines.

Among the most notable investigations published by the Xygeni Security Team this month:

  • JulesJacker, a multi-stage npm malware campaign impersonating Google’s Jules AI agent to steal repositories, abuse CI/CD environments, and even target the sandbox analyzing it. The campaign introduced encrypted host-gated loaders, forged google-labs-jules[bot] commits, cloud metadata theft, and Kubernetes reconnaissance against analysis infrastructure itself.
  • फॅन्टमबॉट, a malicious npm campaign abusing fake wallet, blockchain, and Web3 tooling to steal credentials, compromise developer environments, and target crypto-related workflows through dependency abuse and staged payload delivery.
  • A large-scale malicious npm ecosystem abusing fake TypeScript utilities, AI-themed packages, internal tooling impersonation, frontend libraries, cloud helpers, and builder frameworks to fingerprint environments, exfiltrate credentials, deploy persistence, and compromise developer systems.
  • Continued waves of malicious packages leveraging dependency confusion, typosquatting, postinstall abuse, AI-tool impersonation, version inflation, and repeated namespace abuse designed to bypass developer trust heuristics and compromise modern SDLC workflows before detection.
  • The discovery of cross-platform malware campaigns such as the @jaggle/resizeobserves clipboard hijacker, which impersonated a legitimate package while deploying Python-based persistence and crypto-wallet clipboard substitution across Linux, macOS, and Windows systems.

Throughout the month, we also observed a growing convergence between AI tooling, open-source ecosystems, and software supply chain attacks. Threat actors increasingly targeted AI-assisted development workflows, agent environments, copilots, and cloud-native build pipelines as part of broader credential theft and repository compromise operations.

These attacks are no longer isolated cases of simple typosquatting. They involve coordinated publishing campaigns, automated version bursts, cloud token theft, CI/CD abuse, encrypted payload staging, sandbox evasion, and persistent compromise techniques specifically designed to blend into trusted developer ecosystems.

This monthly update is part of Xygeni’s ongoing malware and supply chain threat research initiative, where our team continuously validates malicious packages, investigates emerging attack patterns, and publishes actionable intelligence to help security, AppSec, and DevSecOps teams stay ahead of evolving supply chain risk.

For full context across every malicious package, malware campaign, and threat analysis published this month, explore the complete May Malicious Code Digest and related research from the Xygeni Security Team.

पहिला आठवडा: ६३ हून अधिक पॅकेजेस सापडली

पर्यावरणातील पॅकेज तारीख
npm@gbrlxvii/ts-form-utils:4.6.025 शकते, 2026
npm@gbrlxvii/ts-form-utils:4.7.025 शकते, 2026
npmpi-ocr:0.2.025 शकते, 2026
npm@jaggle/resizeobserves:1.0.1125 शकते, 2026
npmfnd-stores:0.0.725 शकते, 2026
npm@gbrlxvii/ts-project-lint:1.7.025 शकते, 2026
npm@gbrlxvii/ts-project-lint:1.8.025 शकते, 2026
npmsystem-user-identifier-cli:7.0.026 शकते, 2026
npm@jaggle/resizeobserves:1.0.1326 शकते, 2026
npm@jaggle/resizeobserves:1.0.1226 शकते, 2026
npm@jaggle/resizeobserves:1.0.1526 शकते, 2026
npm@jaggle/resizeobserves:1.0.1426 शकते, 2026
npm@jaggle/resizeobserves:1.0.1626 शकते, 2026
npm@jaggle/resizeobserves:1.0.1926 शकते, 2026
npm@jaggle/resizeobserves:1.0.1726 शकते, 2026
npm@jaggle/resizeobserves:1.0.1826 शकते, 2026
npm@jaggle/resizeobserves:1.0.2026 शकते, 2026
npmintl-ads:99.0.126 शकते, 2026
npmtempo-layout:99.0.026 शकते, 2026
npmtempo-layout:99.0.226 शकते, 2026
npmitc-actors-api:99.0.026 शकते, 2026
npmwalmart-shared-modules:99.0.126 शकते, 2026
npmwml-components:99.0.126 शकते, 2026
npmplatform-tempo:99.0.126 शकते, 2026
npmwml-core:99.0.126 शकते, 2026
npm@izumiswap/sdk:3.0.326 शकते, 2026
npm@izumiswap/sdk:3.0.426 शकते, 2026
npm@izumiswap/sdk:3.0.526 शकते, 2026
npmjson-to-simple-graphql-schema:1.0.026 शकते, 2026
npmreactive-cdk-app:1.0.127 शकते, 2026
npmmmt-static:1.0.027 शकते, 2026
npmreactive-cdk-app:1.0.427 शकते, 2026
npmcdk-sagemaker-notebook-workflow:1.0.327 शकते, 2026
npmdiscovery-build:1.0.027 शकते, 2026
pypiworldofkanga:1.0.427 शकते, 2026
npmforge-jsxy:1.0.9227 शकते, 2026
npm@gs-select/savings-client-application:99.0.027 शकते, 2026
npmforge-jsxy:1.0.10527 शकते, 2026
npmforge-jsxy:1.0.10727 शकते, 2026
npmforge-jsxy:1.0.10827 शकते, 2026
npmeditorial-mse-authentication-ui:99.0.128 शकते, 2026
npmeditorial-code:99.0.128 शकते, 2026
npmmse-tool-components:99.99.10028 शकते, 2026
npmforge-jsxy:1.0.12028 शकते, 2026
npm@gbrlxvi/ts-form-utils:1.0.029 शकते, 2026
vscoderudranex-developer-assistant:1.0.129 शकते, 2026
npmनेमो-रिपोर्टर:१.८.२29 शकते, 2026
npm@qlab/ui:2.0.529 शकते, 2026
npmforge-jsxy:1.0.12129 शकते, 2026
npm@qlab/ui:2.0.629 शकते, 2026
npm@qlab/component-intelligence:2.0.629 शकते, 2026
npmsearch-engine-setup:1.0.910629 शकते, 2026
npmopensearch-setup-tool:1.0.910729 शकते, 2026
npm@0xlr/vercel-analytics:999.0.029 शकते, 2026
npm@0xlr/stripe-frontend:999.0.029 शकते, 2026
npm@0xlr/stripe-checkout-js:999.0.029 शकते, 2026
npm@0xlr/sentry-web:999.0.029 शकते, 2026
npm@0xlr/clerk-auth:999.0.029 शकते, 2026
npm@0xlr/supabase-db:999.0.029 शकते, 2026
npm@0xlr/prisma-client-js:999.0.029 शकते, 2026
npm@flexspec/cli:0.3.1-dev.2661202772229 शकते, 2026
npm@cloudplatform-single-spa/administration:99.99.10030 शकते, 2026
npm@cloudplatform-single-spa/svp-s3-storage:99.99.10030 शकते, 2026
npm@maximvs1538/os-npm:99.0.030 शकते, 2026
npm@easy-entry/landing-routes:99.9.530 शकते, 2026
npm@easy-entry/outside-registration-fop-navigator:99.9.530 शकते, 2026
npm@easy-entry/routes:99.9.530 शकते, 2026
npmसीएमएस-गिटहब:४.२.४30 शकते, 2026
npm@t-in-one/form_product_token:5.7.130 शकते, 2026
npm@capibar.chat/ui-kit:99.5.730 शकते, 2026
npmसीएमएस-हेल्पगिट:४.२.८30 शकते, 2026
npmसीएमएस-हेल्पगिट:४.२.८30 शकते, 2026
vscodexampp-manager:5.1.330 शकते, 2026
npm@चॅट-टेम्पलेट/ऑथ:१.०.०31 शकते, 2026
npmसीएमएस-स्टोअरहब:१.३.६31 शकते, 2026
npmसीएमएस-स्टोअरहब:१.३.६31 शकते, 2026
npmरिटेल-लोकेशन-स्ट्रॅटेजी-फ्रंटएंड:१.१.२31 शकते, 2026
npmरिटेल-लोकेशन-स्ट्रॅटेजी-फ्रंटएंड:१.१.२31 शकते, 2026
npmसीएमएस-स्टोअरहब:१.३.६31 शकते, 2026
pypiसिमटूरियल-सीएलआय:०.३.०जून 01, 2026
npmकन्व्हर्सा-एसडीके:२.०.२जून 01, 2026
npmवेल्ट्रिक्स:९.०.१जून 01, 2026
npmjingmeideshishi:1.0.4जून 01, 2026
npm@tse-digital/core:99.0.0जून 01, 2026
npm@telenor-se/core:99.0.0जून 01, 2026
npm@ownit/core:99.0.0जून 01, 2026
npmjingmeideshishi:1.0.5जून 01, 2026
npmरुग्णांची कागदपत्रे:७५.०.०जून 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.69जून 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.68जून 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.82जून 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.80जून 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.81जून 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.83जून 01, 2026
npm@antoncallahan/aws-user-helper:6767.67.3जून 01, 2026
npmवेल्ट्रिक्स:९.०.१जून 01, 2026
npm@emcd-vue/auth:6.4.9जून 01, 2026
npm@emcd-vue/b2b-pay-form:5.7.4जून 01, 2026

पहिला आठवडा: ६३ हून अधिक पॅकेजेस सापडली

पर्यावरणातील पॅकेज तारीख
npmerslove:1.22.1216 शकते, 2026
npmdit-envv:17.4.216 शकते, 2026
npmbriantreehttp:0.4.016 शकते, 2026
npmcheaty-sync-bot:1.0.016 शकते, 2026
ओपनव्हीएसएक्सbingcha/bcai-tools:4.0.3516 शकते, 2026
npmhello-world-pkg-value-value-p:1.0.1116 शकते, 2026
npmhello-world-pkg-value-value-p:1.0.816 शकते, 2026
npmhello-world-pkg-value-value-p:1.0.916 शकते, 2026
npmhello-world-pkg-value-value-p:1.0.1216 शकते, 2026
npmaxois-utils:1.0.616 शकते, 2026
npmaxois-utils:1.0.416 शकते, 2026
npmventuro-playwright-core:1.0.816 शकते, 2026
npmchalk-tempalte:1.0.1616 शकते, 2026
npmchalk-tempalte:1.0.1416 शकते, 2026
npmchalk-tempalte:1.0.2017 शकते, 2026
npmchalk-tempalte:1.0.1917 शकते, 2026
npmaxois-utils:1.0.917 शकते, 2026
npm@rocketreach/rr-components:9999.0.017 शकते, 2026
npm@cplace-paw-fe/cf-training-extended:2.0.418 शकते, 2026
npmsmtp-test-server-node:99.2.118 शकते, 2026
npmsmtp-test-server-node:99.2.218 शकते, 2026
npm@lir-portal/web-components:2.0.418 शकते, 2026
npm@zentrafinance/contracts:1.0.318 शकते, 2026
npm@zentrafinance/protocol-config:1.0.318 शकते, 2026
npm@zentrafinance/sdk:1.0.318 शकते, 2026
npm@zentrafinance/types:1.0.318 शकते, 2026
npm@zentrafinance/types:1.0.518 शकते, 2026
npm@zentrafinance/protocol-config:1.0.618 शकते, 2026
npm@zentrafinance/sdk:1.0.618 शकते, 2026
npm@zentrafinance/types:1.0.718 शकते, 2026
npmclementine-sdk:2.0.018 शकते, 2026
npmcitrea-utils:2.0.018 शकते, 2026
npm@zentrafinance/protocol-config:2.0.118 शकते, 2026
npm@zentrafinance/sdk:2.0.018 शकते, 2026
npm@zentrafinance/types:2.0.118 शकते, 2026
npm@zentrafinance/types:2.0.018 शकते, 2026
npmbui-react-10hooks: 99.0.018 शकते, 2026
npmbui-react-10components:99.0.018 शकते, 2026
npm@deadcode09284814/axios-util:1.0.118 शकते, 2026
npm@deadcode09284814/axios-util:1.0.018 शकते, 2026
npmcolor-style-utils:1.0.718 शकते, 2026
npmnode-env-resolve:1.2.018 शकते, 2026
npm@easytipsportal/node-helper:1.0.118 शकते, 2026
npm@zentrafinance/contracts:2.0.218 शकते, 2026
npmcitrea-sdk:2.0.218 शकते, 2026
npmclementine-sdk:2.0.218 शकते, 2026
npmcitrea-bridge:2.0.218 शकते, 2026
npmcitrea-utils:2.0.218 शकते, 2026
npm@zentrafinance/types:2.0.218 शकते, 2026
npmapexomni-node:1.0.019 शकते, 2026
npmapex-trading:1.0.019 शकते, 2026
npmapex-trading:1.0.119 शकते, 2026
npmapex-connector:1.0.419 शकते, 2026
npmapexpro-node:1.0.219 शकते, 2026
npmapex-connector:1.0.319 शकते, 2026
npmapexomni-node:1.0.219 शकते, 2026
npmapex-trading:1.0.219 शकते, 2026
npmapexpro-node:1.0.319 शकते, 2026
npmforge-jsxy:1.0.8119 शकते, 2026
npmforge-jsxy:1.0.9019 शकते, 2026
npmsickle-wrapper:0.2.120 शकते, 2026
npm@doctolib-apps/native-personalized-services:99.99.9921 शकते, 2026
npm@doctolib-apps/native-personalized-services:1.0.021 शकते, 2026
npm@doctolib-apps/native-personalized-services:1.0.121 शकते, 2026
pypikanga-hack:1.0.421 शकते, 2026
pypilibhmac:0.8.28.121 शकते, 2026
npm@limebike/supreme-data-grid:85.14.4421 शकते, 2026
npm@limebike/supreme-date-pickers:85.14.4421 शकते, 2026
npm@limebike/supreme-data-grid:85.14.4821 शकते, 2026
pypiai-prishtina-agentic-kag:0.1.021 शकते, 2026
npmhehehe:1.0.721 शकते, 2026
npmdefi-threat-scanner:2.1.222 शकते, 2026
npmdeployment-key-auditor:0.7.322 शकते, 2026
npmeth-wallet-sentinel:1.0.922 शकते, 2026
npmweb3-secrets-detector:1.2.622 शकते, 2026
npmsolidity-deploy-guard:0.4.422 शकते, 2026
npmmnemonic-safety-check:0.5.222 शकते, 2026
npmcrypto-credential-scanner:2.0.222 शकते, 2026
npmचेन-की-व्हॅलिडेटर:०.२.३22 शकते, 2026
npmचेन-की-व्हॅलिडेटर:०.२.३22 शकते, 2026
npmडेफी-एनव्ह-ऑडिटर:०.३.२22 शकते, 2026
npmdeployment-key-auditor:1.8.222 शकते, 2026
npmडेफी-एनव्ह-ऑडिटर:०.३.२22 शकते, 2026
npmsolidity-deploy-guard:1.5.222 शकते, 2026
npmwallet-security-checker:2.1.322 शकते, 2026
npmsolidity-deploy-guard:1.5.322 शकते, 2026
npm@jaggle/resizeobserves:1.0.122 शकते, 2026
npm@jaggle/resizeobserves:1.0.322 शकते, 2026
npm@jaggle/resizeobserves:1.0.222 शकते, 2026
npm@jaggle/resizeobserves:1.0.522 शकते, 2026
npm@jaggle/resizeobserves:1.0.622 शकते, 2026
npmdefi-threat-scanner:3.2.522 शकते, 2026
npmdefi-threat-scanner:3.2.422 शकते, 2026
npmडेफी-एनव्ह-ऑडिटर:०.३.२22 शकते, 2026
npmweb3-secrets-detector:2.3.622 शकते, 2026
npmwallet-security-checker:2.1.622 शकते, 2026
npmmnemonic-safety-check:4.0.022 शकते, 2026
npmeth-wallet-sentinel:4.0.022 शकते, 2026
npm@jaggle/resizeobserves:1.0.722 शकते, 2026
npm@jaggle/resizeobserves:1.0.822 शकते, 2026
npm@jaggle/resizeobserves:1.0.422 शकते, 2026

पहिला आठवडा: ६३ हून अधिक पॅकेजेस सापडली

पर्यावरणातील पॅकेज तारीख
npmwin-env-setup:3.0.511 शकते, 2026
npmreact-icon-svgs:1.0.111 शकते, 2026
npmmoney-badger-open-rpc:201.99.10011 शकते, 2026
npmserverless-env-utils:1.0.011 शकते, 2026
npmserverless-env-utils:1.0.211 शकते, 2026
npmserverless-env-utils:1.0.311 शकते, 2026
npmsahrbrucecode32:1.0.011 शकते, 2026
npmclaw_messenger:0.0.7111 शकते, 2026
npm@gbrlxvii/ts-form-utils:2.7.011 शकते, 2026
npmpost-purchase-bundler:99.9.1911 शकते, 2026
npmpost-purchase-bundler:99.9.2611 शकते, 2026
npmpost-purchase-bundler:100.0.111 शकते, 2026
npmpost-purchase-bundler:101.0.311 शकते, 2026
npmrsflows-pexml:99.9.1511 शकते, 2026
npmrsflows-pexml:99.9.2011 शकते, 2026
npmpost-purchase-bundler:102.0.311 शकते, 2026
npmrsflows-pexml:99.9.2511 शकते, 2026
npmpost-purchase-bundler:1.99.011 शकते, 2026
npmslow-surf:10.0.011 शकते, 2026
npmerslove:1.22.1211 शकते, 2026
npmdit-envv:17.4.211 शकते, 2026
npmhehehe:1.0.411 शकते, 2026
npm@gbrlxvii/ts-form-utils:3.7.011 शकते, 2026
npmclaw_messenger:0.0.7411 शकते, 2026
ओपनव्हीएसएक्सwhatwedo/twig:1.2.711 शकते, 2026
ओपनव्हीएसएक्सgeorge-alisson/html-preview-vscode:1.2.711 शकते, 2026
ओपनव्हीएसएक्सsohibe/java-generate-setters-getters:9.0.211 शकते, 2026
npmbyvendors:99.0.611 शकते, 2026
npmbriantreehttp:0.4.011 शकते, 2026
npmnoon-contracts:1.0.012 शकते, 2026
npm@draftlab/db:0.16.112 शकते, 2026
npm@uipath/uipath-python-bridge:1.0.112 शकते, 2026
npm@uipath/aops-policy-tool:0.3.112 शकते, 2026
npm@uipath/codedagent-tool:1.0.112 शकते, 2026
npm@uipath/gov-tool:0.3.112 शकते, 2026
npm@uipath/telemetry:0.0.712 शकते, 2026
npm@uipath/admin-tool:0.1.112 शकते, 2026
npm@uipath/codedapp-tool:1.0.112 शकते, 2026
npm@uipath/insights-sdk:1.0.112 शकते, 2026
npm@uipath/tool-workflowcompiler:0.0.1212 शकते, 2026
npm@uipath/project-packager:1.1.1612 शकते, 2026
npm@uipath/access-policy-sdk:0.3.112 शकते, 2026
npm@uipath/vertical-solutions-tool:1.0.112 शकते, 2026
npm@uipath/integrationservice-sdk:1.0.212 शकते, 2026
npm@uipath/access-policy-tool:0.3.112 शकते, 2026
npm@uipath/resourcecatalog-tool:0.1.112 शकते, 2026
npm@uipath/agent-tool:1.0.112 शकते, 2026
npm@uipath/api-workflow-tool:1.0.112 शकते, 2026
npm@uipath/tasks-tool:1.0.112 शकते, 2026
npm@uipath/solution-tool:1.0.112 शकते, 2026
npm@uipath/vss:0.1.612 शकते, 2026
npm@tallyui/components:1.0.112 शकते, 2026
npm@squawk/flight-math:0.5.412 शकते, 2026
npm@squawk/weather:0.5.612 शकते, 2026
npm@mistralai/mistralai-gcp:1.7.112 शकते, 2026
npm@mesadev/saguaro:0.4.2212 शकते, 2026
npmdpdgroupuk:0.0.112 शकते, 2026
npm@cplace-paw-fe/cf-training-extended:2.0.412 शकते, 2026
npm@jacobson1977/hp-setup:2.0.214 शकते, 2026
npm@jacobson1977/hp-setup:2.0.514 शकते, 2026
npm@jacobson1977/hp-setup:2.0.614 शकते, 2026
npm@jacobson1977/hp-setup:2.0.714 शकते, 2026
npm@jacobson1977/hp-setup:2.0.814 शकते, 2026
npm@jacobson1977/hp-setup:2.0.914 शकते, 2026
npm@jacobson1977/hp-setup:2.1.014 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmएचपीसेटअप:२.०.०14 शकते, 2026
npmhousecallpro:1.0.114 शकते, 2026
pypiai-spellcheckers:1.0.014 शकते, 2026
pypicicada-tg:0.3.614 शकते, 2026
npmsmtp-test-server-node:99.2.114 शकते, 2026
npmsmtp-test-server-node:99.2.214 शकते, 2026
npm@lir-portal/web-components:2.0.414 शकते, 2026
npmdotenvv-tool:1.0.114 शकते, 2026
npmrimraf-utils:1.0.114 शकते, 2026
npmexxpress-tool:1.0.014 शकते, 2026
npmexxpress-tool:1.0.114 शकते, 2026
npmexxpress-utils:1.0.114 शकते, 2026
npm@design-system-coopeuch/web:999.0.414 शकते, 2026
npm@design-system-coopeuch/web:999.0.314 शकते, 2026
npm@design-system-coopeuch/web:999.0.214 शकते, 2026
pypipyexecutorsme:0.1.015 शकते, 2026
pypipyexecutorsme:0.1.215 शकते, 2026
npmhello-world-pkg-value-value-p:1.0.715 शकते, 2026
npmhello-world-pkg-value-value-p:1.0.1015 शकते, 2026
npmaxon-enterprise: 1.0.015 शकते, 2026

पहिला आठवडा: ६३ हून अधिक पॅकेजेस सापडली

पर्यावरणातील पॅकेज तारीख
npm@apple-pay-trust/cancelled:99.0.301 शकते, 2026
npmapple-internal-security-library-v99:100.0.101 शकते, 2026
npmfiat-token-admin:99.1.101 शकते, 2026
npmstellar-stablecoin-scripts:99.1.001 शकते, 2026
npmnode-red-contrib-fox-control-admin:2.0.301 शकते, 2026
npmnode-red-contrib-fox-control-admin:2.0.401 शकते, 2026
npmnode-red-contrib-fox-control-admin:2.0.701 शकते, 2026
npmblackbeards-navigator:211.0.001 शकते, 2026
npmblackbeards-navigator:212.0.001 शकते, 2026
npmblackbeards-navigator:213.0.001 शकते, 2026
npmblackbeards-navigator:217.0.001 शकते, 2026
npmblackbeards-navigator:220.0.001 शकते, 2026
npmblackbeards-navigator:221.0.001 शकते, 2026
npmblackbeards-navigator:222.0.001 शकते, 2026
npmsirens-lament:211.0.001 शकते, 2026
npmsirens-lament:212.0.001 शकते, 2026
npmsirens-lament:213.0.001 शकते, 2026
npmगनपावडर-घोस्ट:९९९९.०.०01 शकते, 2026
npmगनपावडर-घोस्ट:९९९९.०.०01 शकते, 2026
npmcodewhisperer-streaming:1.0.1502 शकते, 2026
npmशॅडक्सिनो:१.०.७02 शकते, 2026
npmamazon-data-kiosk-monorepo:1.0.1002 शकते, 2026
npmclaude-code-best:2.0.103 शकते, 2026
npmapexpro:99.99.9903 शकते, 2026
npmapexomni:99.99.9903 शकते, 2026
npmapexomni:99.99.10003 शकते, 2026
npmapexpro:99.99.10003 शकते, 2026
npmnode-env-resolve:1.0.703 शकते, 2026
npmnode-env-resolve:1.0.803 शकते, 2026
npm@xp-utilities/web:99.0.003 शकते, 2026
npmnextjs-chat-with-ai-service:99.9.903 शकते, 2026
npm@alfa.life.mapp/app.web:99.0.1304 शकते, 2026
npm@alfa.life.mapp/app.web:99.0.1404 शकते, 2026
npm@alfa.life.mapp/app.web:99.0.1504 शकते, 2026
npm@alfa.life.mapp/app.web:99.0.1604 शकते, 2026
npm@alfa.life.mapp/app.web:99.0.1704 शकते, 2026
npm@alfa.life.mapp/app.web:99.0.1904 शकते, 2026
npm@sbt_gitverse/analytics-client:99.0.104 शकते, 2026
npm@sbt_gitverse/analytics-client:99.0.404 शकते, 2026
npm@sbt_gitverse/analytics-client:99.0.504 शकते, 2026
npm@tochka-ui/foundation:99.0.204 शकते, 2026
npm@tochka-ui/foundation:99.0.304 शकते, 2026
npm@tochka-ui/foundation:99.0.404 शकते, 2026
npmkl-b2c-ui-kit:99.0.104 शकते, 2026
npmkl-b2c-ui-kit:99.0.204 शकते, 2026
npmkl-b2c-ui-kit:99.0.304 शकते, 2026
npmpi-exa-mcp:99.9.1104 शकते, 2026
npmpi-exa-mcp:99.9.1204 शकते, 2026
npmगूगल-क्लाउड-सिक्रेट-मॅनेजर-कॉन्फिग-पीओसी:९९.९.४४04 शकते, 2026
npmगूगल-क्लाउड-सिक्रेट-मॅनेजर-कॉन्फिग-पीओसी:९९.९.४४04 शकते, 2026
npmगूगल-क्लाउड-सिक्रेट-मॅनेजर-कॉन्फिग-पीओसी:९९.९.४४04 शकते, 2026
npmगूगल-क्लाउड-सिक्रेट-मॅनेजर-कॉन्फिग-पीओसी:९९.९.४४04 शकते, 2026
npmगूगल-क्लाउड-सिक्रेट-मॅनेजर-कॉन्फिग-पीओसी:९९.९.४४04 शकते, 2026
npmगूगल-क्लाउड-सिक्रेट-मॅनेजर-कॉन्फिग-पीओसी:९९.९.४४04 शकते, 2026
npmगूगल-क्लाउड-सिक्रेट-मॅनेजर-कॉन्फिग-पीओसी:९९.९.४४04 शकते, 2026
npmगूगल-क्लाउड-सिक्रेट-मॅनेजर-कॉन्फिग-पीओसी:९९.९.४४04 शकते, 2026
npmpaypal-payouts-bridge:99.9.904 शकते, 2026
npmpaypal-payouts-bridge:100.1.104 शकते, 2026
npmpaypal-payouts-bridge:100.1.404 शकते, 2026
npmpaypal-payouts-bridge:100.1.604 शकते, 2026
npmpaypal-payouts-bridge:100.1.904 शकते, 2026
npmpaypal-payouts-bridge:100.2.804 शकते, 2026
npmमायक्रोसॉफ्ट-कर्मचारी-अनुभव:९९.२.२05 शकते, 2026
npmcarp-shield:0.1.005 शकते, 2026
npmfanduel:100.5.005 शकते, 2026
npmexiouss:1.0.605 शकते, 2026
npmenterprise-auth-gateway-core:50.50.5006 शकते, 2026
npm@saif777/codemirror5:7.66.406 शकते, 2026
npm@saif777/codemirror5:7.66.506 शकते, 2026
npmfeature-flag-service:2.0.106 शकते, 2026
npmfeature-flag-service:2.0.206 शकते, 2026
npmfeature-flag-service:2.0.306 शकते, 2026
npmsort-btree:2.1.206 शकते, 2026
npmviem-core:1.0.006 शकते, 2026
npmviem-utils-core:1.0.006 शकते, 2026
npmhardhat-core-utils:1.0.006 शकते, 2026
npmवेल्ट्रिक्स:९.०.१06 शकते, 2026
npmevm-utils:1.0.006 शकते, 2026
npmweb3-utils-core:1.0.006 शकते, 2026
npmfoundry-utils:1.0.006 शकते, 2026
npmcarboniteapp:99.9.007 शकते, 2026
npmcarbonite-internal:99.9.007 शकते, 2026
npmmoney-badger-open-rpc:200.99.10007 शकते, 2026
npm24712-pl5006:0.0.107 शकते, 2026
ओपनव्हीएसएक्सeriklynd/json-tools:20.1.207 शकते, 2026
npminvixco:1.0.407 शकते, 2026
npmwin-sys-health-agent:1.0.208 शकते, 2026
npmwin-env-setup:3.0.608 शकते, 2026
npmwin-sys-health-agent:1.0.308 शकते, 2026

Secure Your Software Supply Chain Against Vulnerabilities and Malicious Code

Software supply chain attacks are no longer theoretical threats. Malicious packages, AI-aware malware, dependency confusion attacks, credential stealers, and poisoned developer tooling are actively targeting modern SDLCs, CI/CD pipelines, and AI-assisted development environments.

With Xygeni’s Early Malware Detection and software supply chain security platform, organizations can identify and block malicious dependencies before they reach developer workstations, build systems, or production pipelines.

Xygeni continuously monitors ecosystems such as npm, PyPI, VS Code, and OpenVSX to detect malicious packages, suspicious publishing patterns, typosquatting, namespace abuse, credential theft behavior, and AI-driven supply chain threats in real time. Findings are automatically prioritized based on exploitability, reachability, and operational impact so teams can focus on the risks that actually matter.

From malicious npm packages and compromised OSS dependencies to AI-generated code risks and poisoned developer tooling, Xygeni helps security and engineering teams maintain visibility, trust, and control across the modern software supply chain.

To explore the latest malware campaigns and validated malicious packages discovered by the Xygeni Security Team, visit the complete दुर्भावनापूर्ण कोड डायजेस्ट.

सुरक्षित रहा. वेगवान रहा. Xygeni सोबत नियंत्रणात रहा.

sca-tools-software-composition-analysis-tools
तुमच्या सॉफ्टवेअरमधील धोक्यांना प्राधान्य द्या, त्यांचे निवारण करा आणि त्यांना सुरक्षित करा.
आपले मोफत खाते मिळवा.
क्रेडिट कार्ड आवश्यक नाही.

तुमचा सॉफ्टवेअर विकास आणि वितरण सुरक्षित करा

झायगेनी प्रोडक्ट सूटसह