Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
3,510 total in gem · sorted newest first- Jul 7, 2026
Malicious code in zzzltestfoobarxyz (RubyGems)
2 compromised versions
- Jul 7, 2026
Malicious code in zzwmgweb02 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzwandtemp1778552518 (RubyGems)
2 compromised versions
- Jul 7, 2026
Malicious code in zzwandsxabc119 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp14 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp13 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp12 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp11 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp10 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp09 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp08 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp07 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp06 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp05 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp04 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp03 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp02 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztxtwtmp01 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztestproxyfooabcxyz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztestownedtmp1 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztestno44 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztestno33 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztest4098 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztest17785553805 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztest17785553774 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztest17785553733 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztest17785553702 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztest17785553661 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztest1778552006 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztemp-ssf-2605 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zztargettest18587 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzsouthhack252269 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzproxyoaiabc431848 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar15 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar14 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar13 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar12 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar11 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar10 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar09 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar08 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar07 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar06 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar05 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar04 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar03 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar02 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar01 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzpdfvar00 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in zzlambtestf295 (RubyGems)
1 compromised version
Page 1 of 71