Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
3,510 total in gem · sorted newest first- Jul 7, 2026
Malicious code in uxhttpslamb1 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124885 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124884 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124883 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124882 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124881 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124880 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124879 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124878 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124877 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124876 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124875 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124874 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124873 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124872 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124871 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxds124870 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxbcrwands3 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxbcrwands2 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uxbcrwands1 (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in uuext4c477b (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryf8zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryf7zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryf6zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryf5zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryf4zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryf3zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryf2zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryf1zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryf0zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in trye4zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in trye3zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in trye2zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in trye1zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in trye0zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryd4zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryd3zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryd2zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryd1zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryd0zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryc4xzz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryc4tzz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryc4bzz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryb4zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryb3zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryb2zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryb1zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in tryb0zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in trya5zz (RubyGems)
1 compromised version
- Jul 7, 2026
Malicious code in trya4zz (RubyGems)
1 compromised version
Page 20 of 71