Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
3,510 total in gem · sorted newest first- Jul 15, 2023
Malicious code in naveengem (RubyGems)
1 compromised version
- Jul 2, 2023
Malicious code in gitlab-glfm-markdown (RubyGems)
1 compromised version
- Jun 19, 2023
Malicious code in att-codekit (RubyGems)
1 compromised version
- Jun 17, 2023
Malicious code in ptrsec_rce (RubyGems)
1 compromised version
- May 15, 2023
Malicious code in i18n_sonder (RubyGems)
1 compromised version
- May 9, 2023
Malicious code in mandrill-api-ruby (RubyGems)
1 compromised version
- May 4, 2023
Malicious code in modified_bayes (RubyGems)
2 compromised versions
- May 4, 2023
Malicious code in microsoft_kiota_http (RubyGems)
1 compromised version
- Apr 26, 2023
Malicious code in tzinfo-i18n (RubyGems)
1 compromised version
- Apr 25, 2023
Malicious code in fluent-plugin-enhance-k8s-metadata (RubyGems)
1 compromised version
Page 71 of 71