Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,070 total in npm · sorted newest first- Jun 1, 2026
Malware in @redhat-cloud-services/frontend-components
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/frontend-components-config-utilities
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/types
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/rbac-client
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/chrome
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/topological-inventory-client
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/quickstarts-client
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/rule-components
1 compromised version
- Jun 1, 2026
Malware in @redhat-cloud-services/eslint-config-redhat-cloud-services
1 compromised version
- Jun 1, 2026
Malicious code in jingmeideshishi (npm)
4 compromised versions
- Jun 1, 2026
Malware in jingmeideshishi
1 compromised version
- Jun 1, 2026
Malicious code in @pcldpvkoewpogw/testhacker (npm)
- Jun 1, 2026
Malicious code in @osamdefeirrighs/testhackfrrferrr (npm)
- Jun 1, 2026
Malicious code in @ewfewfewf/testhackerrr (npm)
- Jun 1, 2026
Malware in @pcldpvkoewpogw/testhacker
1 compromised version
- Jun 1, 2026
Malware in @osamdefeirrighs/testhackfrrferrr
1 compromised version
- Jun 1, 2026
Malware in @ewfewfewf/testhackerrr
1 compromised version
- Jun 1, 2026
Malware in audit-logsss
1 compromised version
- Jun 1, 2026
Malware in collected-forms-embed-js
1 compromised version
- Jun 1, 2026
Malicious code in cms-github (npm)
- Jun 1, 2026
Malware in cms-storehub
1 compromised version
- Jun 1, 2026
Malware in cms-github
1 compromised version
- Jun 1, 2026
Malicious code in shopifyto-cms (npm)
- Jun 1, 2026
Malicious code in cms-helpgit (npm)
- Jun 1, 2026
Malware in cms-helpgit
1 compromised version
- Jun 1, 2026
Malware in shopifyto-cms
1 compromised version
- Jun 1, 2026
Malware in to-cms
1 compromised version
- Jun 1, 2026
Malware in chainix
1 compromised version
- Jun 1, 2026
Malicious code in chai-as-minted (npm)
- Jun 1, 2026
Malware in chai-as-minted
1 compromised version
- Jun 1, 2026
Malicious code in @tmecontinue/cli (npm)
- Jun 1, 2026
Malware in @tmecontinue/cli
1 compromised version
- Jun 1, 2026
Malware in @tmecontinue/claude
1 compromised version
- Jun 1, 2026
Malicious code in @antoncallahan/aws-user-helper (npm)
- Jun 1, 2026
Malware in @antoncallahan/aws-user-helper
1 compromised version
- Jun 1, 2026
Malicious code in @tse-digital/core (npm)
- Jun 1, 2026
Malicious code in @telenor-se/core (npm)
- Jun 1, 2026
Malicious code in @ownit/core (npm)
- Jun 1, 2026
Malicious code in @customer-threesixty/assets (npm)
- Jun 1, 2026
Malicious code in @emcd-vue/loans (npm)
4 compromised versions
- Jun 1, 2026
Malicious code in @emcd-vue/auth (npm)
4 compromised versions
- Jun 1, 2026
Malicious code in @emcd-vue/b2b-pay-form (npm)
4 compromised versions
- Jun 1, 2026
Malicious code in @redhat-cloud-services/vulnerabilities-client (npm)
3 compromised versions
- Jun 1, 2026
Malicious code in @redhat-cloud-services/tsc-transform-imports (npm)
3 compromised versions
- Jun 1, 2026
Malicious code in @redhat-cloud-services/remediations-client (npm)
3 compromised versions
- Jun 1, 2026
Malicious code in @redhat-cloud-services/patch-client (npm)
3 compromised versions
- Jun 1, 2026
Malicious code in @redhat-cloud-services/notifications-client (npm)
3 compromised versions
- Jun 1, 2026
Malicious code in @redhat-cloud-services/javascript-clients-shared (npm)
3 compromised versions
- Jun 1, 2026
Malicious code in @redhat-cloud-services/insights-client (npm)
3 compromised versions
- Jun 1, 2026
Malicious code in @redhat-cloud-services/host-inventory-client (npm)
3 compromised versions
Page 65 of 4,802