npm: 10 Malicious Typosquats Target Redis Ecosystem in 17-Minute Coordinated Drop

Key findings
- All 10 packages were published on June 16, 2026 — just 15 hours before coordinated disclosure
- Packages typosquat ioredis (2.5M weekly downloads), redis (2M/week), and ulid (2M/week)
- Every advisory landed within a 17-minute window (11:44–12:02 UTC)
- All packages rated Critical severity; every version (>=0) flagged as malicious
- Fresh same-day registrations confirm automated typosquatting, not account takeovers
On June 16, 2026, ten malicious npm packages were disclosed in a tightly coordinated 17-minute window, all fresh typosquats registered earlier that same day. The packages impersonate popular libraries in the Redis and Node.js utility ecosystem — including ioredis, redis, and ulid — and were flagged as Critical severity by both GitHub Security Advisories and the Open Source Security Foundation's malware database.
Every package in this burst was first published on June 16, 2026, roughly 15 hours before the advisories landed. That same-day registration pattern is the hallmark of an automated typosquatting operation: the attacker creates packages with names visually close to legitimate, high-traffic targets, publishes malicious versions immediately, and relies on developer typos or dependency confusion to achieve installation. There is no evidence of compromised maintainer accounts — these are net-new packages, not takeovers of existing projects.
The naming scheme reveals a clear focus on the Redis client ecosystem. Three packages directly target Redis libraries:
- redis-xyz — a typosquat of the redis npm package, the primary Node.js client for Redis, which draws over 2 million weekly downloads.
- ioredis-os — impersonating ioredis, a widely adopted Redis client with approximately 2.5 million weekly downloads and a robust cluster/Sentinel API.
- redis-type-os — another Redis-themed name, likely targeting developers searching for Redis type definitions or related tooling.
Two additional packages round out the burst:
- nat-ulid — a typosquat of ulid, the universally unique lexicographically sortable identifier library with roughly 2 million weekly downloads.
- obfus-jsxy — a less obvious target, possibly impersonating JavaScript obfuscation tooling or a specific project in that space.
The advisory severity is uniformly Critical. Every package has all versions (>= 0) marked as malicious, meaning the very first publish contained the payload — there was no benign period followed by a poisoned update. GitHub's advisory framework assigns Critical to packages that execute malicious code capable of exfiltrating secrets, environment variables, and authentication tokens from the host machine. For any developer who installed one of these packages, the standard remediation guidance applies: the affected machine should be considered fully compromised.
Developers should immediately audit their package-lock.json and node_modules directories for any of the following package names:
- obfus-jsxy
- redis-xyz
- ioredis-os
- redis-type-os
- nat-ulid
If any are present, rotate all secrets, tokens, and credentials stored on or accessible from the affected machine — including npm access tokens, environment variables, .env files, and SSH keys — from a separate, clean device. Check npm token logs for unauthorized publishes if you maintain any packages yourself.
The 17-minute disclosure window (11:44 to 12:02 UTC) and the identical same-day registration pattern across all ten packages strongly suggest a single actor or automated pipeline pushing multiple typosquats simultaneously. This is consistent with a growing trend of high-velocity, low-dwell-time malicious package drops on npm, where attackers register dozens of typosquats in rapid succession, counting on a small fraction to slip past automated scanners and reach developer machines before takedown. The Redis ecosystem, with its central role in backend infrastructure and its high-volume client libraries, remains a recurring target for these campaigns.