Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,064 total in npm · sorted newest first- Jun 10, 2026
Malicious code in firefly-utilities-helper (npm)
2 compromised versions
- Jun 10, 2026
Malicious code in yelp-react-component-chaos (npm)
1 compromised version
- Jun 10, 2026
Malicious code in tailwind-animator (npm)
- Jun 10, 2026
Malware in tailwind-animator
1 compromised version
- Jun 10, 2026
Malicious code in crypto-promise-js (npm)
- Jun 10, 2026
Malware in crypto-promise-js
1 compromised version
- Jun 10, 2026
Malware in prettier-sdk
1 compromised version
- Jun 10, 2026
Malware in crypto-hash-sdk
1 compromised version
- Jun 10, 2026
Malware in devkitx
1 compromised version
- Jun 10, 2026
Malicious code in anaylze-json (npm)
1 compromised version
- Jun 10, 2026
Malware in anaylze-json
1 compromised version
- Jun 10, 2026
Malware in security-env-loader
1 compromised version
- Jun 10, 2026
Malicious code in nw-demo-utils (npm)
19 compromised versions
- Jun 10, 2026
Malware in nw-demo-utils
1 compromised version
- Jun 10, 2026
Malware in nw-demo
1 compromised version
- Jun 10, 2026
Malware in auth0-templates-scripts-utils
1 compromised version
- Jun 10, 2026
Malware in auth0-templates-scripts
1 compromised version
- Jun 10, 2026
Malware in @easytipsportal/node-helper
1 compromised version
- Jun 10, 2026
Malicious code in @easytipsportal/pos-adapters (npm)
- Jun 10, 2026
Malware in @easytipsportal/pos-adapters
1 compromised version
- Jun 10, 2026
Malware in get-deps-path
1 compromised version
- Jun 10, 2026
Malicious code in argoncrypt (npm)
2 compromised versions
- Jun 10, 2026
Malware in argoncrypt
1 compromised version
- Jun 10, 2026
Malware in python-utils
1 compromised version
- Jun 10, 2026
Malware in use-context-selector-tony
1 compromised version
- Jun 10, 2026
Malware in react-tracked-tony
1 compromised version
- Jun 10, 2026
Malicious code in martinez-polygon-clipping-simul-dalton (npm)
- Jun 10, 2026
Malware in martinez-polygon-clipping-simul-dalton
1 compromised version
- Jun 10, 2026
Malware in martinez-polygon-clipping-tony
1 compromised version
- Jun 10, 2026
Malicious code in solc-compiler (npm)
- Jun 10, 2026
Malicious code in solc-abi (npm)
- Jun 10, 2026
Malicious code in npmjs_web3-common (npm)
- Jun 10, 2026
Malicious code in npmjs_truffle-helper (npm)
- Jun 10, 2026
Malware in npmjs_web3-util
1 compromised version
- Jun 10, 2026
Malware in npmjs_truffle-helper
1 compromised version
- Jun 10, 2026
Malware in solc-abi
1 compromised version
- Jun 10, 2026
Malware in npmjs_web3-common
1 compromised version
- Jun 10, 2026
Malware in solc-compiler
1 compromised version
- Jun 10, 2026
Malicious code in solidity-abi (npm)
- Jun 10, 2026
Malware in npmjs_ethers-common
1 compromised version
- Jun 10, 2026
Malware in ethers-wordlist
1 compromised version
- Jun 10, 2026
Malware in npmjs_solc-helper
1 compromised version
- Jun 10, 2026
Malware in npmjs_hardhat-common
1 compromised version
- Jun 10, 2026
Malware in solidity-abi
1 compromised version
- Jun 10, 2026
Malicious code in plugin-fastify (npm)
- Jun 10, 2026
Malware in plugin-fastify
1 compromised version
- Jun 10, 2026
Malicious code in graphbase-js (npm)
6 compromised versions
- Jun 10, 2026
Malware in graphbase-js
1 compromised version
- Jun 10, 2026
Malicious code in @validator-sdk/pubkey (npm)
8 compromised versions
- Jun 10, 2026
Malicious code in @validate-ethereum-address/core (npm)
4 compromised versions
Page 57 of 4,802