"Code White Finest Hacking", well at least the logo is not ambiguous.
Süddeutsche Zeitung, German newspaper, receives all those financial leaks. Based in Stuttgart. Weird that, all those "whistleblowers" around the world, want to approach a German regional newspaper, sometimes lots of them across 13 companies all at the same time, all keen to share their leaks and practise their German. So very like a German state sponsored hack of low taxation states by a high tax state for propaganda puposes. One with an FIU that can legally hack for such purposes, with a suboffice in Mannheim.
CodeWhite, started in a house in Stuttgart (70597 Stuttgart) now does hacking, their job requirements specify "Security Clearance", so a State client and apparently they've been hugely successful, that newish Kaiserring Mannheim office is big money, not sure why they're so vague about its address really.
So a self proclaimed hacking company, working for the State, puts a package out while investigating "dependency confusion" yet the package has a genuine surveillance payload.
Nothing to see here, totally nothing, no need to look, why bother going doing any kind of digging or anything, just move along....