Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
239,996 total in npm · sorted newest first- Jul 8, 2026
Malicious code in configration (npm)
1 compromised version
- Jul 8, 2026
Malicious code in next-locomotive-init (npm)
5 compromised versions
- Jul 8, 2026
Malicious code in @vite-tab/tab (npm)
2 compromised versions
- Jul 8, 2026
Malicious code in luludawang-kit (npm)
1 compromised version
- Jul 8, 2026
Malicious code in ec-checker (npm)
1 compromised version
- Jul 8, 2026
Malicious code in chai-redirection (npm)
3 compromised versions
- Jul 8, 2026
Malicious code in chai-presentation (npm)
4 compromised versions
- Jul 8, 2026
Malicious code in airkey-mfa-react (npm)
4 compromised versions
- Jul 8, 2026
Malicious code in pipo-sdk (npm)
1 compromised version
- Jul 8, 2026
Malicious code in goofy-sdk (npm)
1 compromised version
- Jul 8, 2026
Malicious code in @luminarycloudinternal/lcvis-st (npm)
3 compromised versions
- Jul 8, 2026
Malicious code in bytefaas-sdk (npm)
1 compromised version
- Jul 8, 2026
Malicious code in searchresults (npm)
1 compromised version
- Jul 8, 2026
Malicious code in thunder-rony (npm)
1 compromised version
- Jul 8, 2026
Malicious code in ronyfortest (npm)
1 compromised version
- Jul 8, 2026
Malicious code in rony-test (npm)
1 compromised version
- Jul 8, 2026
Malicious code in higherlogic-ocfe (npm)
1 compromised version
- Jul 8, 2026
Malicious code in babel-eslint-parser-legacy (npm)
1 compromised version
- Jul 8, 2026
Malicious code in ag-charts-test (npm)
1 compromised version
- Jul 8, 2026
Malicious code in visa-cli-tools (npm)
1 compromised version
- Jul 8, 2026
Malicious code in ai-gen-ai-opt-in (npm)
1 compromised version
- Jul 8, 2026
Malicious code in @luminarycloudinternal/frodo (npm)
3 compromised versions
- Jul 8, 2026
Malicious code in promo-helper (npm)
8 compromised versions
- Jul 8, 2026
Malicious code in @vite-ln/build-ts (npm)
2 compromised versions
- Jul 8, 2026
Malicious code in paysafe-cards (npm)
1 compromised version
- Jul 8, 2026
Malicious code in domains-billing-types (npm)
1 compromised version
- Jul 8, 2026
Malicious code in @vwfs-its/sf-sac-frontend (npm)
1 compromised version
- Jul 8, 2026
Malicious code in gitlens (npm)
2 compromised versions
- Jul 8, 2026
Malicious code in rony-testing (npm)
1 compromised version
- Jul 8, 2026
Malicious code in nam-os-a-man (npm)
1 compromised version
- Jul 8, 2026
Malicious code in na-rony-test-karem (npm)
- Jul 8, 2026
Malicious code in na-rony-test (npm)
- Jul 8, 2026
Malicious code in na-rony (npm)
4 compromised versions
- Jul 8, 2026
Malicious code in karem-dp (npm)
- Jul 8, 2026
Malicious code in vite-json-pwa (npm)
2 compromised versions
- Jul 8, 2026
Malicious code in gas-log (npm)
2 compromised versions
- Jul 8, 2026
Malicious code in nodemon-node (npm)
- Jul 8, 2026
Malicious code in ts-await (npm)
- Jul 8, 2026
Malicious code in rio-design-tokens (npm)
2 compromised versions
- Jul 7, 2026
Malicious code in hello244b (npm)
1 compromised version
- Jul 7, 2026
Malicious code in whs4_npm_test (npm)
4 compromised versions
- Jul 7, 2026
Malicious code in @whs4/whs4_npm (npm)
- Jul 7, 2026
Malicious code in wsh4_npm (npm)
1 compromised version
- Jul 7, 2026
Malicious code in whs4_pnm (npm)
1 compromised version
- Jul 7, 2026
Malicious code in whs4_npm (npm)
1 compromised version
- Jul 7, 2026
Malicious code in whs4_nmp (npm)
2 compromised versions
- Jul 7, 2026
Malicious code in runtimedev-link (npm)
13 compromised versions
- Jul 7, 2026
Malicious code in polytrade (npm)
1 compromised version
- Jul 7, 2026
Malicious code in evm-typechain (npm)
1 compromised version
- Jul 7, 2026
Malicious code in nuxt-fonts-devtools (npm)
1 compromised version
Page 14 of 4,800