Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,064 total in npm · sorted newest first- Jun 9, 2026
Malicious code in @dktunited/anly-tracker-v2 (npm)
1 compromised version
- Jun 9, 2026
Malicious code in exodus-checkout-signer (npm)
1 compromised version
- Jun 9, 2026
Malicious code in grateful-checkout (npm)
1 compromised version
- Jun 9, 2026
Malicious code in checkout-signer (npm)
1 compromised version
- Jun 9, 2026
Malicious code in exodus-wallet-core (npm)
1 compromised version
- Jun 9, 2026
Malicious code in grateful-payments (npm)
1 compromised version
- Jun 9, 2026
Malicious code in exodus-solana-sdk (npm)
1 compromised version
- Jun 9, 2026
Malicious code in exodus-ethereum-sdk (npm)
1 compromised version
- Jun 9, 2026
Malicious code in exodus-secure-container (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @nstrlabs/utils (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @klapp-otp/routes (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @nstrlabs/api-client (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @nstrlabs/ixel (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @nstrlabs/sdk (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @nstrlabs/shared-components (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @nstrlabs/auth (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @klapp-kyc/routes (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @payment-review/store (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @card-pci-data/store (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @klapp-sca/routes (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @klapp-about/routes (npm)
3 compromised versions
- Jun 9, 2026
Malicious code in @klapp-login-platform/oidc (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @klapp-login-platform/native-sdk (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in @klapp-login-platform/routes (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in morningstar-design-system (npm)
3 compromised versions
- Jun 9, 2026
Malicious code in o3forms (npm)
2 compromised versions
- Jun 9, 2026
Malicious code in via-city-tools-m-particle (npm)
1 compromised version
- Jun 9, 2026
Malicious code in ui-ng-components (npm)
1 compromised version
- Jun 9, 2026
Malicious code in uipath-sugar-sell (npm)
1 compromised version
- Jun 9, 2026
Malicious code in tivo-codelib-a (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @webda-features/dashboard (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @webd-infra/query-designer-domain (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @webda-infra/search (npm)
1 compromised version
- Jun 9, 2026
Malicious code in privacy-sdk (npm)
1 compromised version
- Jun 9, 2026
Malicious code in commons-ui-styles (npm)
1 compromised version
- Jun 9, 2026
Malicious code in corporate-front-vue (npm)
1 compromised version
- Jun 9, 2026
Malicious code in mazemap (npm)
1 compromised version
- Jun 9, 2026
Malicious code in localization-lib (npm)
1 compromised version
- Jun 9, 2026
Malicious code in housecall-ui (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @shell-landing/routes (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @easy-entry/outside-registration-fop-navigator (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @shell-cabinet/routes (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @easy-entry/routes (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @easy-entry/landing-routes (npm)
1 compromised version
- Jun 9, 2026
Malicious code in shopify-app-bridge-internal (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @sourceflow-uk/sourceflow-tracker (npm)
1 compromised version
- Jun 9, 2026
Malicious code in ac_calendar_ts (npm)
1 compromised version
- Jun 9, 2026
Malicious code in ac_semantic-ui_ts (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @oplus/obus-web-sdk (npm)
1 compromised version
- Jun 9, 2026
Malicious code in @oplus/obus-web-sdk-plugin-recovery (npm)
1 compromised version
Page 59 of 4,802