Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,070 total in npm · sorted newest first- Jun 4, 2026
Malicious code in javascript-yaml (npm)
1 compromised version
- Jun 4, 2026
Malicious code in weavedb-contracts (npm)
1 compromised version
- Jun 4, 2026
Malicious code in wdb-core (npm)
1 compromised version
- Jun 4, 2026
Malicious code in hbsig (npm)
2 compromised versions
- Jun 4, 2026
Malicious code in arjson (npm)
1 compromised version
- Jun 4, 2026
Malicious code in hello244a (npm)
46 compromised versions
- Jun 4, 2026
Malicious code in supabase (npm)
- Jun 4, 2026
Withdrawn Advisory: Malware in supabase
1 compromised version
- Jun 4, 2026
Malicious code in autotel-terminal (npm)
39 compromised versions
- Jun 4, 2026
Malware in autotel-terminal
1 compromised version
- Jun 4, 2026
Malicious code in @jagreehal/workflow (npm)
1 compromised version
- Jun 4, 2026
Malware in @jagreehal/workflow
1 compromised version
- Jun 4, 2026
Malicious code in cms-store-ren (npm)
1 compromised version
- Jun 3, 2026
Malicious code in nodemon-webpatch (npm)
- Jun 3, 2026
Malicious code in chai-midpatch (npm)
- Jun 3, 2026
Malware in chai-midpatch
1 compromised version
- Jun 3, 2026
Malware in nodemon-webpatch
1 compromised version
- Jun 3, 2026
Malicious code in webpack-json (npm)
- Jun 3, 2026
Malicious code in nodemon-pack (npm)
- Jun 3, 2026
Malware in nodemon-pack
1 compromised version
- Jun 3, 2026
Malware in webpack-json
1 compromised version
- Jun 3, 2026
Malicious code in brave-search-mcp-server (npm)
1 compromised version
- Jun 2, 2026
Malicious code in fundraiserserv (npm)
1 compromised version
- Jun 2, 2026
Malicious code in vg-interaction-model (npm)
2 compromised versions
- Jun 2, 2026
Malicious code in chai-parse (npm)
- Jun 2, 2026
Malware in chai-parse
1 compromised version
- Jun 2, 2026
Malicious code in sourceflow-tracker (npm)
1 compromised version
- Jun 2, 2026
Malicious code in page-info-service (npm)
1 compromised version
- Jun 2, 2026
Malicious code in po-ops-local-dev (npm)
1 compromised version
- Jun 2, 2026
Malicious code in @att-ebiz/abs-components-bc (npm)
1 compromised version
- Jun 2, 2026
Malicious code in @aonunited/angular (npm)
2 compromised versions
- Jun 1, 2026
Malicious code in rookie-security-test-pkg (npm)
1 compromised version
- Jun 1, 2026
Malware in xarc-webpack-cli
1 compromised version
- Jun 1, 2026
Malware in json-to-simple-graphql-schema
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/sources-client
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/integrations-client
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/hcc-feo-mcp
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/frontend-components-testing
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/frontend-components-remediations
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/frontend-components-config
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/entitlements-client
1 compromised version
- Jun 1, 2026
Malware in randomlogs
1 compromised version
- Jun 1, 2026
Malicious code in picnic-react-mise-en-place (npm)
1 compromised version
- Jun 1, 2026
Malware in peertube-plugin-google-analytics-js
1 compromised version
- Jun 1, 2026
Malicious code in @chat-template/auth (npm)
- Jun 1, 2026
Malware in @chat-template/auth
1 compromised version
- Jun 1, 2026
Malware in nemo-reporter
1 compromised version
- Jun 1, 2026
Malicious code in nepsnowplow (npm)
1 compromised version
- Jun 1, 2026
Malware in motion-tool
1 compromised version
- Jun 1, 2026
Malware in loading-session
1 compromised version
Page 64 of 4,802