Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,003 total in npm · sorted newest first- Jun 25, 2026
Malicious code in based-32 (npm)
2 compromised versions
- Jun 25, 2026
Malicious code in howdybase32 (npm)
1 compromised version
- Jun 25, 2026
Malicious code in nizzybase32 (npm)
1 compromised version
- Jun 25, 2026
Malicious code in base58-core (npm)
12 compromised versions
- Jun 25, 2026
Malicious code in bs58-86 (npm)
2 compromised versions
- Jun 25, 2026
Malicious code in base62-86x (npm)
2 compromised versions
- Jun 25, 2026
Malicious code in agentsync-tool (npm)
1 compromised version
- Jun 25, 2026
Malicious code in agentsync-pkg (npm)
3 compromised versions
- Jun 25, 2026
Malicious code in logfmt-core (npm)
1 compromised version
- Jun 25, 2026
Malicious code in polymarket-stake-math (npm)
2 compromised versions
- Jun 25, 2026
Malicious code in polymarket-stake-maths (npm)
1 compromised version
- Jun 25, 2026
Malicious code in easy-time-format (npm)
1 compromised version
- Jun 25, 2026
Malicious code in tokenization-util (npm)
3 compromised versions
- Jun 25, 2026
Malicious code in unifydata (npm)
1 compromised version
- Jun 25, 2026
Malicious code in anthropic-claude-latest (npm)
3 compromised versions
- Jun 25, 2026
Malicious code in block-slot (npm)
1 compromised version
- Jun 25, 2026
Malicious code in poc-publish-test-su-doughnym (npm)
1 compromised version
- Jun 25, 2026
Malicious code in nabisco (npm)
1 compromised version
- Jun 25, 2026
Malicious code in @su-doughnym/react-dlb (npm)
1 compromised version
- Jun 25, 2026
Malicious code in @su-doughnym/metrics-js (npm)
- Jun 25, 2026
Malicious code in @su-doughnym/loginui (npm)
1 compromised version
- Jun 25, 2026
Malicious code in two-factor-prompt-lib (npm)
1 compromised version
- Jun 25, 2026
Malicious code in data-fetching-client (npm)
1 compromised version
- Jun 25, 2026
Malicious code in @su-doughnym/hubspot-loginui-poc (npm)
1 compromised version
- Jun 24, 2026
Malicious code in solo-nav (npm)
1 compromised version
- Jun 24, 2026
Malicious code in serverless-leo (npm)
1 compromised version
- Jun 24, 2026
Malicious code in serverless-convention (npm)
1 compromised version
- Jun 24, 2026
Malicious code in rstreams-shard-util (npm)
1 compromised version
- Jun 24, 2026
Malicious code in rstreams-metrics (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-streams (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-sdk (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-logger (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-cron (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-connector-redshift (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-connector-oracle (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-connector-mysql (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-connector-mongo (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-connector-elasticsearch (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-config (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-cli (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-cdk-lib (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-cache (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-aws (npm)
1 compromised version
- Jun 24, 2026
Malicious code in leo-auth (npm)
1 compromised version
- Jun 24, 2026
Malicious code in syspo (npm)
1 compromised version
- Jun 24, 2026
Malicious code in syco1 (npm)
3 compromised versions
- Jun 24, 2026
Malicious code in sypoi1 (npm)
3 compromised versions
- Jun 24, 2026
Malicious code in @kl-dolphin/jump (npm)
1 compromised version
- Jun 24, 2026
Malicious code in @kl-dolphin/swim (npm)
1 compromised version
- Jun 24, 2026
Malicious code in zenith-utils (npm)
2 compromised versions
Page 33 of 4,801