Diġest ta' Kodiċi Malizzjuż 74

Diġest tal-Kodiċi Malizzjuż Xygeni 74

Kważi kull ġimgħa, is-sistemi tagħna ta' skoperta ta' malware jiskennjaw eluf ta' pakketti ġodda u aġġornati f'reġistri pubbliċi bħal npm u PyPI. Din il-ġimgħa ma kinitx eċċezzjoni.

We confirmed over 130 malicious packages between June 7 and June 12, 2026, predominantly across npm, with additional cases in PyPI. Several appeared in coordinated clusters, repeated malicious releases published under the same names or across closely related package families.

The standout case this week was sensivity, which flooded npm with over 40 versioned releases across the 2.5.x range, confirmed across multiple days. Other notable clusters included a wave of @solana-labs typosquats targeting the Solana ecosystem (web3.js, web3-js, etherjs, spl-toke, ancor, web3js — across two separate publishing campaigns on Jun 7 and Jun 8), the @nstrlabs family (sdk, ixel, utils, shared-components, api-client, auth — dependency confusion attack against an internal package namespace), the @klapp-login-platform group (native-sdk, oidc, routes — impersonating an authentication platform), internallib_v557 u, internallib_v984 (multiple versions of obfuscated internal library impostors), pocteszep (6 versions published on Jun 11), and a cluster of crypto and Web3 utilities including blockchain-helper-0, ethereum-kit-1, ethereum-kit-9, crypto-utils-7, wallet-sdk-9, defi-tools-39, swap-sdk-87, u farming-tools-12. il morningstar-design-system package appeared in three versions on Jun 10, impersonating a well-known financial design system. In PyPI, helixagentai, telegramlite, u cdjeez were confirmed across the week.

These were not isolated anomalies. What stood out this week was the concentration of dependency confusion attacks against internal package namespaces, the sustained multi-day publishing of the sensivity cluster, and the continued targeting of Web3 and Solana tooling, a pattern that has accelerated significantly in 2026.

Din l-istampa ta' kull ġimgħa hija parti mid-Digest tal-Kodiċi Malizzjuż li għaddej bħalissa, fejn nivvalidaw theddid ġdid u nipprovdu intelliġenza azzjonabbli biex ngħinu lit-timijiet tad-DevSecOps jipproteġu tagħhom. pipelines qabel ma sseħħ il-ħsara.

Ejjew nanalizzaw x'sibna din il-ġimgħa u għaliex huwa importanti.

Ekosistema Pakkett data
npmkraken-ui:999.0.0Ġunju 7, 2026
npm@sflyinc-knapsack/shutterfly-react:999.0.0Ġunju 7, 2026
npmhehehee:1.0.9Ġunju 7, 2026
npmleaflet-opencage-geocoding:1.0.0Ġunju 7, 2026
npm@solana-labs/web3.js:1.0.0Ġunju 7, 2026
npm@solana-labs/web3-js:1.0.0Ġunju 7, 2026
npm@solana-labs/spl-toke:1.0.0Ġunju 7, 2026
npm@solana-labs/web3js:1.0.0Ġunju 7, 2026
npm@solana-labs/etherjs:1.0.0Ġunju 7, 2026
npm@solana-labs/ancor:1.0.0Ġunju 7, 2026
npm@solana-labs/ancor:1.0.1Ġunju 7, 2026
npm@jisan901/teamfocus:1.0.0Ġunju 7, 2026
npm@jisan901/teamfocus:1.0.1Ġunju 7, 2026
npm@jisan901/teamfocus:1.0.2Ġunju 7, 2026
npmconsumerweb-authflow:4.1.1Ġunju 8, 2026
npmconsumerweb-authflow:4.1.3Ġunju 8, 2026
npmhehehee:1.0.10Ġunju 8, 2026
pypiaġent tal-elika: 0.1.3Ġunju 8, 2026
npm@solana-labs/web3.js:1.98.102Ġunju 8, 2026
npm@solana-labs/web3-js:1.98.103Ġunju 8, 2026
npm@solana-labs/etherjs:1.98.103Ġunju 8, 2026
npm@solana-labs/spl-toke:1.98.103Ġunju 8, 2026
npm@solana-labs/ancor:1.98.103Ġunju 8, 2026
npm@solana-labs/web3js:1.98.103Ġunju 8, 2026
npm@solana-labs/web3.js:1.98.104Ġunju 8, 2026
npm@solana-labs/web3js:1.98.105Ġunju 8, 2026
npm@solana-labs/web3-js:1.98.105Ġunju 8, 2026
npm@solana-labs/spl-toke:1.98.105Ġunju 8, 2026
npm@solana-labs/etherjs:1.98.105Ġunju 8, 2026
npm@solana-labs/ancor:1.98.105Ġunju 8, 2026
npm@nstrlabs/sdk:99.0.0Ġunju 9, 2026
npm@nstrlabs/sdk:99.0.1Ġunju 9, 2026
npm@nstrlabs/ixel:99.0.0Ġunju 9, 2026
npm@nstrlabs/ixel:99.0.1Ġunju 9, 2026
npm@klapp-login-pjattaforma/sdk-nattiv:99.0.2Ġunju 9, 2026
npm@klapp-login-platform/oidc:99.0.2Ġunju 9, 2026
npm@klapp-login-pjattaforma/sdk-nattiv:99.0.0Ġunju 9, 2026
npm@klapp-login-platform/oidc:99.0.0Ġunju 9, 2026
npm@klapp-login-platform/routes:99.0.0Ġunju 9, 2026
npm@klapp-login-platform/routes:99.0.2Ġunju 9, 2026
npm@listings/energy-labels:99.0.0Ġunju 9, 2026
npm@listings/energy-labels:99.0.1Ġunju 9, 2026
npm@zimmo/last_search:99.0.1Ġunju 9, 2026
npm@zimmo/last_search:99.0.0Ġunju 9, 2026
npm@nstrlabs/utils:99.0.1Ġunju 9, 2026
npm@nstrlabs/utils:99.0.0Ġunju 9, 2026
npm@nstrlabs/shared-components:99.0.0Ġunju 9, 2026
npm@nstrlabs/shared-components:99.0.1Ġunju 9, 2026
npm@nstrlabs/api-client:99.0.1Ġunju 9, 2026
npm@nstrlabs/auth:99.0.1Ġunju 9, 2026
npm@nstrlabs/auth:99.0.0Ġunju 9, 2026
npm@nstrlabs/api-client:99.0.0Ġunju 9, 2026
npm@payment-review/store:99.0.1Ġunju 9, 2026
npm@payment-review/store:99.0.0Ġunju 9, 2026
npm@klapp-otp/routes:99.0.1Ġunju 9, 2026
npm@klapp-otp/routes:99.0.0Ġunju 9, 2026
npm@klapp-kyc/routes:99.0.0Ġunju 9, 2026
npm@klapp-kyc/routes:99.0.1Ġunju 9, 2026
npm@klapp-sca/routes:99.0.0Ġunju 9, 2026
npm@klapp-sca/routes:99.0.1Ġunju 9, 2026
npm@card-pci-data/store:99.0.0Ġunju 9, 2026
npm@card-pci-data/store:99.0.1Ġunju 9, 2026
npm@klapp-about/routes:99.0.1Ġunju 9, 2026
npm@klapp-about/routes:99.0.2Ġunju 9, 2026
npm@klapp-about/routes:99.0.0Ġunju 9, 2026
npmblockchain-helper-0:1.0.0Ġunju 9, 2026
npmcrypto-utils-7:1.0.0Ġunju 9, 2026
npmethereum-kit-1:1.0.0Ġunju 9, 2026
npmweb3-tools-9:1.0.0Ġunju 9, 2026
npmonlinegdb:1.0.0Ġunju 9, 2026
npmsolana-core-4:1.0.0Ġunju 9, 2026
npmethereum-kit-9:1.25.36Ġunju 9, 2026
npmwallet-sdk-9:3.7.73Ġunju 9, 2026
npmdefi-tools-39:4.26.29Ġunju 9, 2026
npmswap-sdk-87:4.63.78Ġunju 9, 2026
npmfarming-tools-12:4.68.54Ġunju 9, 2026
npmsistema-tad-disinn-morningstar:99.0.0Ġunju 10, 2026
npmsistema-tad-disinn-morningstar:99.0.1Ġunju 10, 2026
npmsistema-tad-disinn-morningstar:99.0.2Ġunju 10, 2026
npmgoogle-cloud-secret-manager-config-poc:99.9.44Ġunju 11, 2026
pypitelegramlite:1.0.0Ġunju 11, 2026
pypitelegramlite:1.0.1Ġunju 11, 2026
npm@access-risk/browser-remedy-react:99.1.1Ġunju 11, 2026
npm@access-risk/browser-remedy-react:99.0.0Ġunju 11, 2026
npm@coze-common/chat-area:99.1.1Ġunju 11, 2026
npmverżjoni: 1.0.5Ġunju 11, 2026
npmverżjoni: 1.0.4Ġunju 11, 2026
npmverżjoni: 1.0.2Ġunju 11, 2026
npmverżjoni: 1.0.1Ġunju 11, 2026
npmverżjoni: 1.0.8Ġunju 11, 2026
npmverżjoni: 1.1.1Ġunju 11, 2026
npmsensittività: 2.5.68Ġunju 11, 2026
npmsensittività: 2.5.67Ġunju 11, 2026
npmsensittività: 2.5.4Ġunju 11, 2026
npmsensittività: 2.5.58Ġunju 11, 2026
npmsensittività: 2.5.59Ġunju 11, 2026
npmsensittività: 2.5.66Ġunju 11, 2026
npmsensittività: 2.5.65Ġunju 11, 2026
npmsensittività: 2.5.2Ġunju 11, 2026
npmsensittività: 2.5.15Ġunju 11, 2026
npmsensittività: 2.5.5Ġunju 11, 2026
npmsensittività: 2.5.13Ġunju 11, 2026
npmsensittività: 2.5.1Ġunju 11, 2026
npmsensittività: 2.5.35Ġunju 11, 2026
npmsensittività: 2.5.38Ġunju 11, 2026
npmsensittività: 2.5.64Ġunju 11, 2026
npmsensittività: 2.5.14Ġunju 11, 2026
npmsensittività: 2.5.34Ġunju 11, 2026
npmsensittività: 2.5.60Ġunju 11, 2026
npmsensittività: 2.5.0Ġunju 11, 2026
npmsensittività: 2.5.33Ġunju 11, 2026
npmsensittività: 2.5.37Ġunju 11, 2026
npmsensittività: 2.5.3Ġunju 11, 2026
npmsensittività: 2.5.36Ġunju 11, 2026
npmsensittività: 2.5.63Ġunju 11, 2026
npmsensittività: 2.5.69Ġunju 11, 2026
npmsensittività: 2.5.62Ġunju 11, 2026
npm@whatnot-web/www-legacy:99.1.2Ġunju 12, 2026
npm@whatnot-web/www-legacy:99.1.1Ġunju 12, 2026
npmvoyager-web:999.0.0Ġunju 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.18Ġunju 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.17Ġunju 12, 2026
npmecto-nightly-spirit:1.1.0Ġunju 12, 2026
npmecto-corsair-flag-x9m4:1.0.0Ġunju 12, 2026
npmecto-rust-read-f3a9c1:1.0.2Ġunju 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.16Ġunju 12, 2026
npmecto-rust-read-f3a9c1:1.0.1Ġunju 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.15Ġunju 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.14Ġunju 12, 2026
npminternallib_v984:1.0.3Ġunju 12, 2026
npminternallib_v984:1.0.4Ġunju 12, 2026
npminternallib_v984:1.0.2Ġunju 12, 2026
npminternallib_v557:1.0.4Ġunju 12, 2026
npminternallib_v557:1.0.7Ġunju 12, 2026
npminternallib_v557:1.0.9Ġunju 12, 2026
npminternallib_v557:1.0.10Ġunju 12, 2026
npminternallib_v557:1.0.15Ġunju 12, 2026
npminternallib_v557:1.0.16Ġunju 12, 2026
npminternallib_v557:1.0.18Ġunju 12, 2026
npmqroll-wraith:1.0.0Ġunju 12, 2026
npminternallib_v557:1.0.21Ġunju 12, 2026
npminternallib_v557:1.0.22Ġunju 12, 2026
pypicdjeez:0.32.0Ġunju 12, 2026

Don’t Let Malicious Packages Reach Production

The packages your teams depend on are increasingly being used as an entry point. Sejbien Bikri ta' Malware minn Xygeni monitors registries in real time, so threats like the ones in this week’s digest are blocked before they ever reach your builds.

This week’s findings are a reminder that the tactics are getting more deliberate. Version flooding, namespace impersonation, and multi-day coordinated campaigns are not edge cases anymore, they are standard attacker playbook. One-time scans and manual audits cannot keep pace with campaigns that publish dozens of versions across multiple days and registries simultaneously.

Xygeni's Open Source Security solution gives your DevSecOps teams continuous visibility across npm, PyPI, and beyond,detecting harmful packages at the moment of publication, prioritizing what poses real exploitable risk, and shortening the path from detection to remediation. So your teams can ship fast without compromising on security.

sca-tools-software-composition-analysis-tools
Prijoritizza, irranġa, u assigura r-riskji tas-softwer tiegħek
Ikseb il-Kont B'Xejn tiegħek.
Mhix meħtieġa karta ta 'kreditu.

Assigura l-Iżvilupp u l-Kunsinna tas-Softwer tiegħek

bis-Suite tal-Prodotti Xygeni