Malicious packages

Malware feed

Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).

Recent advisories

969 total in gem · sorted newest first

MAL-2025-192908Malwaregemhola_rreichel3github
Dec 23, 2025
Malicious code in hola_rreichel3github (RubyGems)
1 compromised version
MAL-2025-192907Malwaregemhockeystick
Dec 23, 2025
Malicious code in hockeystick (RubyGems)
1 compromised version
MAL-2025-192906Malwaregemhaybales
Dec 23, 2025
Malicious code in haybales (RubyGems)
1 compromised version
MAL-2025-192905Malwaregemcritter
Dec 23, 2025
Malicious code in critter (RubyGems)
1 compromised version
MAL-2025-192904Malwaregemcocoapod
Dec 23, 2025
Malicious code in cocoapod (RubyGems)
1 compromised version
MAL-2025-192903Malwaregemchalk-thrift
Dec 23, 2025
Malicious code in chalk-thrift (RubyGems)
1 compromised version
MAL-2025-192902Malwaregemchalk-service
Dec 23, 2025
Malicious code in chalk-service (RubyGems)
1 compromised version
MAL-2025-192901Malwaregemchalk-sentry
Dec 23, 2025
Malicious code in chalk-sentry (RubyGems)
1 compromised version
MAL-2025-192900Malwaregemchalk-interface
Dec 23, 2025
Malicious code in chalk-interface (RubyGems)
1 compromised version
MAL-2025-192899Malwaregemchalk-hostname
Dec 23, 2025
Malicious code in chalk-hostname (RubyGems)
1 compromised version
MAL-2025-192898Malwaregemchalk-henson
Dec 23, 2025
Malicious code in chalk-henson (RubyGems)
1 compromised version
MAL-2025-192897Malwaregemchalk-consul
Dec 23, 2025
Malicious code in chalk-consul (RubyGems)
1 compromised version
MAL-2025-192896Malwaregemchalk-cli
Dec 23, 2025
Malicious code in chalk-cli (RubyGems)
1 compromised version
MAL-2025-192895Malwaregemchalk-aws
Dec 23, 2025
Malicious code in chalk-aws (RubyGems)
1 compromised version
MAL-2025-192894Malwaregemactivestorage-redundancy
Dec 23, 2025
Malicious code in activestorage-redundancy (RubyGems)
1 compromised version
MAL-2025-191667Malwaregempg_result_init
Dec 2, 2025
Malicious code in pg_result_init (RubyGems)
1 compromised version
MAL-2025-47816Malwaregemyour-gem-name12
Sep 26, 2025
Malicious code in your-gem-name12 (RubyGems)
1 compromised version
MAL-2025-47815Malwaregemsqlcommenter_rails
Sep 26, 2025
Malicious code in sqlcommenter_rails (RubyGems)
2 compromised versions
MAL-2025-46925Malwaregemauthzd-client
Sep 1, 2025
Malicious code in authzd-client (RubyGems)
1 compromised version
MAL-2025-46924Malwaregemadvisory_db_toolkit
Sep 1, 2025
Malicious code in advisory_db_toolkit (RubyGems)
1 compromised version
MAL-2025-46926Malwaregemgithub_chatops_extensions
Sep 1, 2025
Malicious code in github_chatops_extensions (RubyGems)
1 compromised version
MAL-2025-46931Malwaregemmonolith-twirp-merge-queue-go-mergequeuemonolith
Sep 1, 2025
Malicious code in monolith-twirp-merge-queue-go-mergequeuemonolith (RubyGems)
1 compromised version
MAL-2025-46930Malwaregemmonolith-twirp-mailreplies-replies
Sep 1, 2025
Malicious code in monolith-twirp-mailreplies-replies (RubyGems)
1 compromised version
MAL-2025-46929Malwaregemmonolith-twirp-github-repositories
Sep 1, 2025
Malicious code in monolith-twirp-github-repositories (RubyGems)
1 compromised version
MAL-2025-46943Malwaregemservice-catalog-client
Sep 1, 2025
Malicious code in service-catalog-client (RubyGems)
1 compromised version
MAL-2025-46942Malwaregemsecret-scanning-proto
Sep 1, 2025
Malicious code in secret-scanning-proto (RubyGems)
1 compromised version
MAL-2025-46946Malwaregemturboscan-client
Sep 1, 2025
Malicious code in turboscan-client (RubyGems)
1 compromised version
MAL-2025-46937Malwaregemmonolith-twirp-support-helphub
Sep 1, 2025
Malicious code in monolith-twirp-support-helphub (RubyGems)
1 compromised version
MAL-2025-46935Malwaregemmonolith-twirp-packageregistry-auditlog
Sep 1, 2025
Malicious code in monolith-twirp-packageregistry-auditlog (RubyGems)
1 compromised version
MAL-2025-46940Malwaregemproto-education-web
Sep 1, 2025
Malicious code in proto-education-web (RubyGems)
1 compromised version
MAL-2025-46938Malwaregemmonolith-twirp-webhooksubscriptions-subscriptions
Sep 1, 2025
Malicious code in monolith-twirp-webhooksubscriptions-subscriptions (RubyGems)
1 compromised version
MAL-2025-46933Malwaregemmonolith-twirp-modelsgateway-telemetry
Sep 1, 2025
Malicious code in monolith-twirp-modelsgateway-telemetry (RubyGems)
1 compromised version
MAL-2025-46939Malwaregemproto-dependabot-api
Sep 1, 2025
Malicious code in proto-dependabot-api (RubyGems)
1 compromised version
MAL-2025-46928Malwaregemmonolith-twirp-git_src_migrator-monolith
Sep 1, 2025
Malicious code in monolith-twirp-git_src_migrator-monolith (RubyGems)
1 compromised version
MAL-2025-46960Malwaregemoctolytics
Sep 1, 2025
Malicious code in octolytics (RubyGems)
1 compromised version
MAL-2025-46941Malwaregemproto-trust-metadata-api
Sep 1, 2025
Malicious code in proto-trust-metadata-api (RubyGems)
1 compromised version
MAL-2025-46958Malwaregemmonolith-twirp-webhooks-core
Sep 1, 2025
Malicious code in monolith-twirp-webhooks-core (RubyGems)
1 compromised version
MAL-2025-46957Malwaregemmonolith-twirp-pipelinemonitor-monitoring
Sep 1, 2025
Malicious code in monolith-twirp-pipelinemonitor-monitoring (RubyGems)
1 compromised version
MAL-2025-46953Malwaregemmonolith-twirp-modelsgateway-access
Sep 1, 2025
Malicious code in monolith-twirp-modelsgateway-access (RubyGems)
1 compromised version
MAL-2025-46956Malwaregemmonolith-twirp-pages-pagesdfsapi
Sep 1, 2025
Malicious code in monolith-twirp-pages-pagesdfsapi (RubyGems)
1 compromised version
MAL-2025-46949Malwaregemmonolith-twirp-features-featuresync
Sep 1, 2025
Malicious code in monolith-twirp-features-featuresync (RubyGems)
1 compromised version
MAL-2025-46962Malwaregemproto-registry-metadata-migrator-api
Sep 1, 2025
Malicious code in proto-registry-metadata-migrator-api (RubyGems)
1 compromised version
MAL-2025-46965Malwaregemwindbeam_api
Sep 1, 2025
Malicious code in windbeam_api (RubyGems)
1 compromised version
MAL-2025-46961Malwaregemprose_diff
Sep 1, 2025
Malicious code in prose_diff (RubyGems)
1 compromised version
MAL-2025-46964Malwaregemturboghas-client
Sep 1, 2025
Malicious code in turboghas-client (RubyGems)
1 compromised version
MAL-2025-46963Malwaregems4-client
Sep 1, 2025
Malicious code in s4-client (RubyGems)
1 compromised version
MAL-2025-46959Malwaregemmvnd
Sep 1, 2025
Malicious code in mvnd (RubyGems)
1 compromised version
MAL-2025-46950Malwaregemmonolith-twirp-features-groups
Sep 1, 2025
Malicious code in monolith-twirp-features-groups (RubyGems)
1 compromised version
MAL-2025-46948Malwaregemmonolith-twirp-features-actors
Sep 1, 2025
Malicious code in monolith-twirp-features-actors (RubyGems)
1 compromised version
MAL-2025-46955Malwaregemmonolith-twirp-pages-pagesdeployerapi
Sep 1, 2025
Malicious code in monolith-twirp-pages-pagesdeployerapi (RubyGems)
1 compromised version

Page 2 of 20