Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,064 total in npm · sorted newest first- Jun 16, 2026
Malware in tailwind-typography-style
1 compromised version
- Jun 16, 2026
Malicious code in sp-api-dev-assistant-mcp-server (npm)
1 compromised version
- Jun 16, 2026
Malware in sp-api-dev-assistant-mcp-server
1 compromised version
- Jun 16, 2026
Malware in worker-build
1 compromised version
- Jun 16, 2026
Malware in ttspc-server-sample
1 compromised version
- Jun 16, 2026
Malicious code in epm-service-module-v2 (npm)
4 compromised versions
- Jun 16, 2026
Malware in epm-service-module-v2
1 compromised version
- Jun 16, 2026
Malware in websocket-slot
1 compromised version
- Jun 15, 2026
Malware in sn-internal-test
1 compromised version
- Jun 15, 2026
Malware in sn-internal-testjgsakjdkjadkjahsdkjad
1 compromised version
- Jun 15, 2026
Malicious code in vemos-sdk (npm)
1 compromised version
- Jun 15, 2026
Malware in vemos-sdk
1 compromised version
- Jun 15, 2026
Malware in sb-original
1 compromised version
- Jun 15, 2026
Malware in web-model-bridge
1 compromised version
- Jun 15, 2026
Malicious code in richtext-editor-ui (npm)
1 compromised version
- Jun 15, 2026
Malware in richtext-editor-ui
1 compromised version
- Jun 15, 2026
Malicious code in reading-cookies (npm)
1 compromised version
- Jun 15, 2026
Malware in reading-cookies
1 compromised version
- Jun 15, 2026
Malicious code in prettier_v2 (npm)
1 compromised version
- Jun 15, 2026
Malicious code in prettier_v1 (npm)
2 compromised versions
- Jun 15, 2026
Malicious code in browserslist-db-sync (npm)
2 compromised versions
- Jun 15, 2026
Malware in prettier_v1
1 compromised version
- Jun 15, 2026
Malware in optional-cpu-features
1 compromised version
- Jun 15, 2026
Malware in browserslist-db-sync
1 compromised version
- Jun 15, 2026
Malware in prettier_v2
1 compromised version
- Jun 15, 2026
Malicious code in slow-surf (npm)
2 compromised versions
- Jun 15, 2026
Malicious code in numdifftools (npm)
2 compromised versions
- Jun 15, 2026
Malware in numdifftools
1 compromised version
- Jun 15, 2026
Malware in shopify-app-bridge-internal
1 compromised version
- Jun 15, 2026
Malware in slow-surf
1 compromised version
- Jun 15, 2026
Malware in mermaid-v11
1 compromised version
- Jun 15, 2026
Malware in @monitoring-lib/error-tracking
1 compromised version
- Jun 15, 2026
Malware in internallib_v856
1 compromised version
- Jun 15, 2026
Malware in internallib_v557
1 compromised version
- Jun 15, 2026
Malware in internallib_v984
1 compromised version
- Jun 15, 2026
Malware in index-ulid
1 compromised version
- Jun 15, 2026
Malware in ect-839201
1 compromised version
- Jun 15, 2026
Malware in ecto_module
1 compromised version
- Jun 15, 2026
Malware in ect-654321
1 compromised version
- Jun 15, 2026
Malware in ect-839201-ctf
1 compromised version
- Jun 15, 2026
Malware in ect-472839-ctf
1 compromised version
- Jun 15, 2026
Malware in ect-472839
1 compromised version
- Jun 15, 2026
Malicious code in vite-enhancer-config (npm)
12 compromised versions
- Jun 15, 2026
Malicious code in vite-configu-react (npm)
- Jun 15, 2026
Malicious code in chai-smart-assert (npm)
1 compromised version
- Jun 15, 2026
Malware in vite-configu-react
1 compromised version
- Jun 15, 2026
Malware in vite-enhancer-config
1 compromised version
- Jun 15, 2026
Malware in vite-config-react
1 compromised version
- Jun 15, 2026
Malware in chai-smart-assert
1 compromised version
- Jun 15, 2026
Malicious code in lab-helper (npm)
1 compromised version
Page 49 of 4,802