Malicious packages

Malware feed

Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).

Recent advisories

969 total in gem · sorted newest first

MAL-2026-3636Malwaregemknot-simple-formatter
May 13, 2026
Malicious code in knot-simple-formatter (RubyGems)
1 compromised version
MAL-2026-3635Malwaregemknot-rspec-formatter-json
May 13, 2026
Malicious code in knot-rspec-formatter-json (RubyGems)
1 compromised version
MAL-2026-3634Malwaregemknot-rails-assets-pipeline
May 13, 2026
Malicious code in knot-rails-assets-pipeline (RubyGems)
1 compromised version
MAL-2026-3633Malwaregemknot-rack-session-store
May 13, 2026
Malicious code in knot-rack-session-store (RubyGems)
1 compromised version
MAL-2026-3632Malwaregemknot-devise-jwt-helper
May 13, 2026
Malicious code in knot-devise-jwt-helper (RubyGems)
1 compromised version
MAL-2026-3631Malwaregemknot-date-utils-rb
May 13, 2026
Malicious code in knot-date-utils-rb (RubyGems)
1 compromised version
MAL-2026-3630Malwaregemknot-activesupport-logger
May 13, 2026
Malicious code in knot-activesupport-logger (RubyGems)
1 compromised version
MAL-2026-2816Malwaregemmonolith-twirp-pullsd-users
Apr 16, 2026
Malicious code in monolith-twirp-pullsd-users (RubyGems)
2 compromised versions
MAL-2026-2815Malwaregemmonolith-twirp-pullsd-authorization
Apr 16, 2026
Malicious code in monolith-twirp-pullsd-authorization (RubyGems)
2 compromised versions
MAL-2026-2814Malwaregemgitlab-orchestrator
Apr 16, 2026
Malicious code in gitlab-orchestrator (RubyGems)
2 compromised versions
MAL-2026-2265Malwaregemmonolith-twirp-codingagentintegrations-codingagentintegrations
Mar 27, 2026
Malicious code in monolith-twirp-codingagentintegrations-codingagentintegrations (RubyGems)
1 compromised version
MAL-2026-2266Malwaregemmonolith-twirp-copilot-registry
Mar 27, 2026
Malicious code in monolith-twirp-copilot-registry (RubyGems)
1 compromised version
MAL-2026-2267Malwaregemmonolith-twirp-partitioning-pull_requests
Mar 27, 2026
Malicious code in monolith-twirp-partitioning-pull_requests (RubyGems)
1 compromised version
MAL-2026-2263Malwaregemmonolith-twirp-reposinsights-reposinsights
Mar 27, 2026
Malicious code in monolith-twirp-reposinsights-reposinsights (RubyGems)
1 compromised version
MAL-2026-2262Malwaregemmonolith-twirp-pullsd-teams
Mar 27, 2026
Malicious code in monolith-twirp-pullsd-teams (RubyGems)
1 compromised version
MAL-2026-2259Malwaregemmonolith-twirp-loops-core
Mar 27, 2026
Malicious code in monolith-twirp-loops-core (RubyGems)
1 compromised version
MAL-2026-2261Malwaregemmonolith-twirp-pullsd-repositories
Mar 27, 2026
Malicious code in monolith-twirp-pullsd-repositories (RubyGems)
1 compromised version
MAL-2026-2260Malwaregemmonolith-twirp-pullsd-pullrequestinfo
Mar 27, 2026
Malicious code in monolith-twirp-pullsd-pullrequestinfo (RubyGems)
1 compromised version
MAL-2026-2264Malwaregemmonolith-twirp-scribe-scribe
Mar 27, 2026
Malicious code in monolith-twirp-scribe-scribe (RubyGems)
1 compromised version
MAL-2026-2402Malwaregemplugin-gem-example
Mar 24, 2026
Malicious code in plugin-gem-example (RubyGems)
2 compromised versions
MAL-2026-1924Malwaregemtestcatplzignore
Mar 18, 2026
Malicious code in testcatplzignore (RubyGems)
1 compromised version
MAL-2026-1923Malwaregemsq-minimal-feature-flags
Mar 18, 2026
Malicious code in sq-minimal-feature-flags (RubyGems)
1 compromised version
MAL-2026-1922Malwaregemrubylogger
Mar 18, 2026
Malicious code in rubylogger (RubyGems)
4 compromised versions
MAL-2026-1921Malwaregemresolvrtest
Mar 18, 2026
Malicious code in resolvrtest (RubyGems)
1 compromised version
MAL-2026-1920Malwaregemrails_structured_logging
Mar 18, 2026
Malicious code in rails_structured_logging (RubyGems)
4 compromised versions
MAL-2026-1919Malwaregemrafka-rb
Mar 18, 2026
Malicious code in rafka-rb (RubyGems)
1 compromised version
MAL-2026-1918Malwaregemnewlogger
Mar 18, 2026
Malicious code in newlogger (RubyGems)
2 compromised versions
MAL-2026-1917Malwaregemkaleido
Mar 18, 2026
Malicious code in kaleido (RubyGems)
1 compromised version
MAL-2026-1916Malwaregemfreshworks-ruby
Mar 18, 2026
Malicious code in freshworks-ruby (RubyGems)
1 compromised version
MAL-2026-1915Malwaregemdoctolib
Mar 18, 2026
Malicious code in doctolib (RubyGems)
5 compromised versions
MAL-2026-1002Malwaregemnewrubylogger
Feb 23, 2026
Malicious code in newrubylogger (RubyGems)
1 compromised version
MAL-2026-996Malwaregemrubocop-vintedmetrics
Feb 20, 2026
Malicious code in rubocop-vintedmetrics (RubyGems)
2 compromised versions
MAL-2026-906Malwaregemcucumber_json_schema
Feb 15, 2026
Malicious code in cucumber_json_schema (RubyGems)
1 compromised version
MAL-2025-192925Malwaregemverificator
Dec 23, 2025
Malicious code in verificator (RubyGems)
1 compromised version
MAL-2025-192924Malwaregemu2f_client
Dec 23, 2025
Malicious code in u2f_client (RubyGems)
1 compromised version
MAL-2025-192923Malwaregemtest_gem_978483406ebb19126a2e8c001649a4eb
Dec 23, 2025
Malicious code in test_gem_978483406ebb19126a2e8c001649a4eb (RubyGems)
1 compromised version
MAL-2025-192922Malwaregemstripe-server
Dec 23, 2025
Malicious code in stripe-server (RubyGems)
1 compromised version
MAL-2025-192921Malwaregemstripe-rubocop
Dec 23, 2025
Malicious code in stripe-rubocop (RubyGems)
1 compromised version
MAL-2025-192920Malwaregemstripe-backup
Dec 23, 2025
Malicious code in stripe-backup (RubyGems)
1 compromised version
MAL-2025-192919Malwaregemsq-samsa
Dec 23, 2025
Malicious code in sq-samsa (RubyGems)
1 compromised version
MAL-2025-192918Malwaregemsq-mdc
Dec 23, 2025
Malicious code in sq-mdc (RubyGems)
1 compromised version
MAL-2025-192917Malwaregemspace-commander
Dec 23, 2025
Malicious code in space-commander (RubyGems)
1 compromised version
MAL-2025-192916Malwaregemredis_connectable
Dec 23, 2025
Malicious code in redis_connectable (RubyGems)
1 compromised version
MAL-2025-192915Malwaregemrails-structured-logging
Dec 23, 2025
Malicious code in rails-structured-logging (RubyGems)
1 compromised version
MAL-2025-192914Malwaregemqueenbee-plugin
Dec 23, 2025
Malicious code in queenbee-plugin (RubyGems)
9 compromised versions
MAL-2025-192913Malwaregemprometheus_gcstat
Dec 23, 2025
Malicious code in prometheus_gcstat (RubyGems)
5 compromised versions
MAL-2025-192912Malwaregemprometheus_client_ruby
Dec 23, 2025
Malicious code in prometheus_client_ruby (RubyGems)
5 compromised versions
MAL-2025-192911Malwaregemmd_confluence
Dec 23, 2025
Malicious code in md_confluence (RubyGems)
1 compromised version
MAL-2025-192910Malwaregemmacklemore
Dec 23, 2025
Malicious code in macklemore (RubyGems)
1 compromised version
MAL-2025-192909Malwaregemhtml_scrubber
Dec 23, 2025
Malicious code in html_scrubber (RubyGems)
1 compromised version

Page 1 of 20