Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,011 total in npm · sorted newest first- Jun 20, 2026
Malicious code in atlasora-shared (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-api (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-types (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-utils (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-sdk (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-client (npm)
1 compromised version
- Jun 20, 2026
Malicious code in @withgoogle/stitch-sdk (npm)
5 compromised versions
- Jun 20, 2026
Malicious code in yian666aikf (npm)
1 compromised version
- Jun 20, 2026
Malicious code in yianzzkf6687 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in free-claude (npm)
3 compromised versions
- Jun 19, 2026
Malicious code in base_parts_ai (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in routecraft (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in aikaf668897 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in aikaf6688812 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in aikaf788812 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in create-mono-package (npm)
1 compromised version
- Jun 19, 2026
Malicious code in @chunklab/hexparse (npm)
5 compromised versions
- Jun 19, 2026
Malicious code in @bytemend/mfebus (npm)
6 compromised versions
- Jun 19, 2026
Malicious code in @briskforge/envcheck (npm)
4 compromised versions
- Jun 19, 2026
Malicious code in @apexcraft/nano-key (npm)
9 compromised versions
- Jun 19, 2026
Malicious code in @apiwizards/auth-middleware (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in @antoncarlos1/nodelamp (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in chai-assert-kit (npm)
1 compromised version
- Jun 19, 2026
Malicious code in chai-as-attested (npm)
1 compromised version
- Jun 19, 2026
Malicious code in chai-as-uphelded (npm)
1 compromised version
- Jun 19, 2026
Malicious code in new-mjs-eslint (npm)
1 compromised version
- Jun 19, 2026
Malicious code in mjs-eslint (npm)
1 compromised version
- Jun 19, 2026
Malicious code in new-eslint-1 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in new-eslint (npm)
1 compromised version
- Jun 19, 2026
Malicious code in new-ts-helper (npm)
1 compromised version
- Jun 19, 2026
Malicious code in chai-as-forgeted (npm)
1 compromised version
- Jun 19, 2026
Malicious code in ts-esys (npm)
1 compromised version
- Jun 19, 2026
Malicious code in ts-ecro-helper (npm)
1 compromised version
- Jun 19, 2026
Malware in ts-ecro-helper
1 compromised version
- Jun 19, 2026
Malware in ts-ecro
1 compromised version
- Jun 19, 2026
Malware in new-ecro
1 compromised version
- Jun 19, 2026
Malware in ts-esys
1 compromised version
- Jun 19, 2026
Malware in ts-big-ecro
1 compromised version
- Jun 19, 2026
Malicious code in mongoose-jsonify (npm)
- Jun 19, 2026
Malware in pretty-logger-js
1 compromised version
- Jun 19, 2026
Malware in mongoose-jsonify
1 compromised version
- Jun 19, 2026
Malicious code in eth-util (npm)
1 compromised version
- Jun 19, 2026
Malicious code in assert-kit (npm)
1 compromised version
- Jun 19, 2026
Malware in eth-util
1 compromised version
- Jun 19, 2026
Malware in assert-kit
1 compromised version
- Jun 19, 2026
Malicious code in ethereum-gas-reporter (npm)
1 compromised version
- Jun 19, 2026
Malware in ethereum-gas-reporter
1 compromised version
- Jun 19, 2026
Malicious code in build-tracker-n5p1 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in ts-big-ecro (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in new-ecro-1 (npm)
3 compromised versions
Page 37 of 4,801