Kötü Amaçlı Kod Özeti Haziran

Kötü Amaçlı Kod Özeti Aylık Özet: Haziran

Hoşgeldiniz June edition of the Xygeni Malicious Code Digest. This month, our security research team confirmed more than 645 kötü amaçlı paket across npm, PyPI, and (for the first time) the VSCode extension marketplace.

June was defined by three converging trends: sustained version-flooding campaigns designed to outlast blocklists, a sharp acceleration in attacks targeting AI tooling and agentic development workflows, and coordinated dependency confusion attacks against internal monorepo namespaces.

Among the most notable campaigns documented this month:

  • hassasiyet flooded npm with over 70 versions across the 2.5.x range, a sustained evasion campaign republishing continuously to stay ahead of takedowns.
  • A two-wave Solana typosquat campaign (June 7–8) published 15 packages impersonating @solana-labs ecosystem tooling, targeting Web3 and DeFi developers directly.
  • houzidawang806 accounted for over 25 versions in a single day (June 13), joined by metrikler-pipeline-d8k2 republished across 21 versions between June 15–18.
  • MKS CryptoDAO Confusion campaign (June 17) published 11 packages at version 99.99.99, each carrying an identical postinstall payload sweeping CI/CD tokens, cloud credentials, and crypto wallet secrets. 
  • The week of June 20–26 brought the most concentrated AI tooling targeting of the month: ollama-yardımcıları (20 versiyon), açık yapay zeka-ajanları-yardımcıları (23 versiyon), monoclaude, yapay zeka SDK yardımcıları, ve @langgraphjs/toolkit, all confirmed in a single week, directly targeting Ollama, OpenAI agents SDK, LangGraph, and Claude API integrations.
  • Two confirmed malicious VSCode extensions appeared this month, signaling that attackers are expanding beyond package registries into the developer environment itself.

The defining pattern of June: attacks are moving into IDE extensions, AI agent tooling, and agentic workflows where a malicious package installed autonomously has no human reviewer between infection and execution.

This monthly update is part of Xygeni’s ongoing malware and supply chain threat research initiative. For full context across every malicious package confirmed this month, explore the complete June Malicious Code Digest and related research from the Xygeni Security Team.

4. Hafta: 201'den Fazla Paket Keşfedildi

Ekosistem paket Tarih
Haziran 20, 2026
npmpanrouter:5.0.2 + 30 versions across 5.x–6.x range through Jun 22 — dominant campaign of the weekHaziran 20, 2026
npmtrimprompt:1.0.5 + 4 versions — continuation from previous week, still activeHaziran 20, 2026
npmmonoclaude:1.0.1 + 2 versions — Claude API tooling impersonationHaziran 20, 2026
vs koduorbit-agent-pair-programming-for-smalltalk:1.206.0 + 1 version — malicious VSCode extension targeting agentic developmentHaziran 20, 2026
npmsimplisafe-gatsby:1.0.1 Smart home platform namespace impersonationHaziran 20, 2026
Haziran 21, 2026
npmatlasora-paylaşılan:1.0.0 + 6 packages — coordinated monorepo dependency confusion: atlasora-api, -client, -sdk, -types, -utils, -configHaziran 21, 2026
npmapintergrationpost:4.0.2 + 6 versions — deliberate misspelling campaign targeting integration toolingHaziran 21, 2026
npmllm-traces-app:1.0.1 LLM observability tooling targetedHaziran 21, 2026
pipid0rk3r-telemetri:1.0.0 Obfuscated telemetry package in PyPIHaziran 21, 2026
Haziran 22, 2026
pipitm-ai:2.91.75 + 7 versions — sustained PyPI version flooding campaignHaziran 22, 2026
pipiistek-önbelleği-py:1.0.4 + 6 versions — PyPI version floodingHaziran 22, 2026
pipicorvinos:0.17.0 + 6 versions — PyPI bulk registration campaignHaziran 22, 2026
Haziran 23, 2026
npmweb3-token-yardımcısı:1.1.1 + 2 versions — Web3 token utility targetingHaziran 23, 2026
npmmonokros:1.0.1 + 1 version — mono-* naming cluster alongside monoclaude and monotacosHaziran 23, 2026
Haziran 24, 2026
npmollama-yardımcıları:0.1.0 + 19 versions — largest AI tooling campaign of the month, targeting Ollama local AI runtimeHaziran 24, 2026
npmopenai-agents-helpers:0.1.1 + 22 versions — coordinated campaign targeting OpenAI agents SDK ecosystemHaziran 24, 2026
Haziran 25, 2026
npmyapay zeka-sdk-yardımcıları:1.4.3 AI SDK tooling targeted alongside @langgraphjs/toolkit:1.2.11Haziran 25, 2026
npmkayıt-gömücü:99.99.99-poc3 + hs-locale-management — HubSpot internal namespace dependency confusion, poc suffix confirms active research campaignHaziran 25, 2026
Haziran 26, 2026
npmkolay-tel-kit:1.0.1 + 8 versions including variant easy-string-kit232 — bulk registration under generic utility nameHaziran 26, 2026
npmgüvenli olmayan kötü amaçlı paket:1.0.0 + 5 versions — package explicitly named as malicious, confirmed payload, likely test or provocation campaignHaziran 26, 2026
npm@vpms/tasarım-sistemi:1.1.2 + 2 versions — design system namespace impersonationHaziran 26, 2026

3. Hafta: 200'den Fazla Paket Keşfedildi

Ekosistem paket Tarih
Haziran 13, 2026
npmhouzidawang806:1.0.0 + 25 versions across 1.0.x–1.2.x including siblings houzidawang807 and houzidawang808 — dominant campaign of the weekHaziran 13, 2026
npmfriendly-greeter-demo:1.0.2 + 4 versions — persistent campaign reappearing across multiple daysHaziran 13, 2026
npmtsc-ai:1.2.0 tsc-* cluster: tsc-ai, tsc-mesh, tsc-lotl — CI tooling namespace impersonationHaziran 13, 2026
pipineuralbridge-sdk:4.5.4 + 6 versions across 4.5.x–5.1.x — sustained multi-day PyPI campaignHaziran 13, 2026
Haziran 15, 2026
npmtoken-prices-cron:999.0.0 + 6 packages — DeFi infrastructure dependency confusion cluster targeting internal cron and vault toolingHaziran 15, 2026
Haziran 16, 2026
npmbodega-sdk:9.9.9 + 8 packages — DeFi lending and Cardano ecosystem cluster: flow-lending, surf-lending, janus-*, flowcardano, flowdefiHaziran 16, 2026
npmolay-ölçütleri-q3x7:1.0.0 + 8 versions — generic hex-suffix package registering bulk monitoring-themed namesHaziran 16, 2026
npmnic-datagov:1.0.0 + 3 packages — government data platform namespace impersonation: ogd-analytics, ogd-platform, dms-backendHaziran 16, 2026
Haziran 17, 2026
npmcryptodao-contracts:99.99.99 + 10 packages — CryptoDAO dependency confusion: core, sdk, bot, config, utils, deploy, signer, backend, typesHaziran 17, 2026
pipiteambot-ai:1.48.0 AI agent tooling targeted in PyPIHaziran 17, 2026
Haziran 18, 2026
npmmetrikler-pipeline-d8k2:1.0.0 + 20 versions across Jun 18 — sustained single-day evasion campaign, republishing continuously to outlast blocklistsHaziran 18, 2026
npmtarama-sadece:0.4.5 + 6 versions — version flooding campaignHaziran 18, 2026
npmrenk-araçları-dee0:1.0.0 + 5 generic hex-suffix packages: data-utils, string-tools, type-check, fmt-helpers, metrics-probe — scripted bulk registrationHaziran 18, 2026
npm@azure-lab-services/ml-ts:99.0.0 Azure ML namespace impersonationHaziran 18, 2026
Haziran 19, 2026
npmtrimprompt:1.0.2 + trimprompt-hub — prompt engineering tooling targetedHaziran 19, 2026
npmclaude-cup:0.8.6 Claude API tooling impersonationHaziran 19, 2026
pipiaidaddin-agent:0.1.0 AI agent tooling targeted in PyPIHaziran 19, 2026
npmweb3-crypto-address-utils:0.1.0 Web3 utility targetingHaziran 19, 2026

2. Hafta: 135'den Fazla Paket Keşfedildi

Ekosistem paket Tarih
Haziran 7, 2026
npm@solana-labs/web3.js:1.0.0 + 5 variants — Solana ecosystem typosquat campaign, first waveHaziran 7, 2026
npm@jisan901/teamfocus:1.0.0 + 2 versionsHaziran 7, 2026
npm@sflyinc-knapsack/shutterfly-react:999.0.0 Dependency confusion, inflated versionHaziran 7, 2026
Haziran 8, 2026
npm@solana-labs/web3.js:1.98.102 + 9 variants — Solana ecosystem typosquat campaign, second waveHaziran 8, 2026
pipihelixagentai:0.1.3 AI agent tooling targeted in PyPIHaziran 8, 2026
Haziran 9, 2026
npm@nstrlabs/sdk:99.0.0 + 7 packages — dependency confusion against internal monorepo namespaceHaziran 9, 2026
npm@klapp-login-platform/native-sdk:99.0.0 + 9 packages — authentication platform impersonation across multiple klapp namespacesHaziran 9, 2026
npmblockchain-helper-0:1.0.0 + 7 packages — crypto/DeFi utility cluster targeting Web3 developersHaziran 9, 2026
npm@card-pci-data/store:99.0.0 Payment card data namespace targetedHaziran 9, 2026
Haziran 10, 2026
npmmorningstar-design-system:99.0.0 + 2 versions — financial design system impersonationHaziran 10, 2026
Haziran 11, 2026
npmpocteszep:1.0.1 + 5 versions published same dayHaziran 11, 2026
npm@coze-common/chat-area:99.1.1 AI chat platform namespace impersonationHaziran 11, 2026
pipitelegramlite:1.0.0 + 1 version — messaging platform impersonation in PyPIHaziran 11, 2026
Haziran 12, 2026
npmecto-corsair-whisper-6f3b9:1.0.18 + 7 ecto-* variants — obfuscated name clusterHaziran 12, 2026
npminternallib_v984:1.0.3 + internallib_v557 cluster — 13 versions of internal library impostorsHaziran 12, 2026
npmvoyager-web:999.0.0 Dependency confusion, inflated versionHaziran 12, 2026
pipicdjeez:0.32.0Haziran 12, 2026

1. Hafta: 118'den Fazla Paket Keşfedildi

Ekosistem paket Tarih
Mayıs 30, 2026
npm@cloudplatform-single-spa/administration:99.99.100 Dependency confusion, inflated versionMayıs 30, 2026
vs koduxampp-manager:5.1.3 VSCode extension — developer tool impersonationMayıs 30, 2026
Haziran 1, 2026
npm@tse-digital/core:99.0.0 Dependency confusion — @telenor-se and @ownit also hitHaziran 1, 2026
npmcms-storehub:1.3.4 + 2 versions, CMS namespace clusterHaziran 1, 2026
npm@antoncallahan/aws-user-helper:6767.67.69 + 6 versions, inflated version numbers targeting AWS credentialsHaziran 1, 2026
npmhastabelgeleri:75.0.0 Healthcare namespace targetHaziran 1, 2026
npm@emcd-vue/auth:6.4.9 Crypto exchange namespace impersonationHaziran 1, 2026
pipisimtooreal-cli:0.3.0Haziran 1, 2026
Haziran 2, 2026
npmhassasiyet: 2.5.8 + 70 versions across 2.5.x range, Jun 2–5 — dominant campaign of the periodHaziran 2, 2026
npm@langgraphjs/toolkit:1.2.10 LangGraph tooling targetedHaziran 2, 2026
Haziran 4, 2026
npm@sentry-browser-sdk/profiling-node:1.0.1 + 2 versions, Sentry namespace impersonationHaziran 4, 2026
npminternallib_v346:1.0.3 + 2 versions, internal library impostorHaziran 4, 2026
npmyapay zeka-sdk-yardımcıları:0.2.1 + 7 versions, targeting AI SDK toolingHaziran 4, 2026

Stop Malicious Code Before It Reaches Your Pipeline

Software supply chain threats have moved well past theoretical. Dependency confusion attacks, credential stealers, AI-targeted malware, and poisoned developer tooling are hitting real teams in real SDLCs every week.

Xygeni'nin kötü amaçlı yazılım algılama hem de supply chain security platform gives organizations the visibility to catch malicious dependencies before they execute on a developer machine, enter a build system, or reach production. Coverage spans npm, PyPI, VSCode, and beyond, monitoring for suspicious publishing patterns, namespace abuse, typosquatting, and AI-native attack techniques as they emerge.

Every finding is automatically prioritized by exploitability, reachability, and business impact, so your team focuses on what actually needs fixing, not noise.

Whether it’s a malicious open-source package, a compromised developer tool, or an AI-generated code risk, Xygeni keeps security and engineering teams one step ahead of the supply chain threat landscape.

Explore every malicious package and campaign validated by the Xygeni Security Team in the Kötü Amaçlı Kod Özeti.

Xygeni ile güvende kalın. Hızlı kalın. Kontrolü elinizde tutun.

sca-tools-software-composition-analysis-tools
Yazılım risklerinizi önceliklendirin, giderin ve güvence altına alın.
Ücretsiz hesabınızı alın.
Hiçbir kredi kartı gerekmektedir.

Yazılım Geliştirme ve Teslimatınızı Güvence Altına Alın

Xygeni Ürün Paketi ile