Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
3,510 total in gem · sorted newest first- Jun 25, 2024
Malicious code in alerty_plugin-slack (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alerty_plugin-mail (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alerty_plugin-ikachan (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alerty_plugin-datadog-event (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alerty-plugin-datadog-event (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alerty-plugin-amazon-sns (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alephant_publisher-request (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alephant_publisher-queue (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alephant_publisher (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alephant_logger-statsd (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alchemy-pg-search (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alcatraz_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in alacrity-client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in aker-cas-cli (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in ajax-submit_rails (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in airservice-build_tools (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in airbrake_statsd (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in airbrake_graylog2 (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in airbrake_api (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in airbrake-user_attributes_rails5 (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in airbrake-user_attributes (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in airbrake-stats (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in airbrake-proxy (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in airbrake-notifying_threads (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in agnostic_duplicate (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in agile_cli (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in age-validator (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in agave_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in after-the_deadline (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in aem_deploy (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in ae-validates-timeliness (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in adyen_ruby-api-library (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in adwords-scraper (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in advisors-command_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in adtech_api-client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in adn_cli (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in admob-site_stats (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in admiral-stats_parser (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in administrate_field-password (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in administrate_field-paperclip (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in administrate_field-mobility (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in administrate-field-belongs-to_search (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in adequate-serializer (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in addy-caddy_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in address-validator (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in address-validate (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in addons_client (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in adb_sdklib (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in adapter_sqlite3 (RubyGems)
1 compromised version
- Jun 25, 2024
Malicious code in adapter_elasticsearch (RubyGems)
1 compromised version
Page 65 of 71