Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
3,510 total in gem · sorted newest first- Jun 25, 2024
Malicious code in apress_api (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apptuit_fluent-plugin (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in approval_ratings-cli-app (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in applogger_ruby (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in applied-css (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in applidget_oauth2 (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in applicious-utils (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in application-seeds (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in application-module (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in application-insights (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in application-digester (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in application-config (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in applicaster_logger (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in applicant-tracking_api (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apple_news-client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apple-store_search (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apple-dep_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apple-class_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in appium-lib (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in appium-doc_lint (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in appfigures-client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in app_deployer (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in app_cli (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apod_cli (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apocalypse_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apns-polite (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apn-client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apitool_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apiotics-aws_iot_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apiotics-aws_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apigee-cli (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apidone_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apibanca_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in api-geo_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in api-deploy (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in api-client_builder (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in api-batch (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apache-sling_api_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apache-felix_webconsole_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in apache-felix_api_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in anything_slider (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in anything-slider_rails (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in any_validate (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in ant31_logstash-filter-kubernetes (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in answers_ruby-client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in ansible-tower_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in angular_turbolinks (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in angular_file-upload-rails (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in angular-form_validation (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in angel-list (RubyGems)
1 compromised version
Page 63 of 71