Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,070 total in npm · sorted newest first- May 29, 2026
Malicious code in viem-multichain (npm)
- May 29, 2026
Malware in zod-to-js
1 compromised version
- May 29, 2026
Malware in viem-multichain
1 compromised version
- May 29, 2026
Malware in mrdaa-frontend
1 compromised version
- May 29, 2026
Malware in proton-pack
1 compromised version
- May 29, 2026
Malware in ethers-signing-key
1 compromised version
- May 29, 2026
Malware in jest-less-loader
1 compromised version
- May 29, 2026
Malware in paychex-common-vendor-lib
1 compromised version
- May 29, 2026
Malicious code in ethers-hdnode (npm)
- May 29, 2026
Malicious code in ethers-contract (npm)
- May 29, 2026
Malware in limit-size
1 compromised version
- May 29, 2026
Malware in ethers-contract
1 compromised version
- May 29, 2026
Malware in ethers-hdnode
1 compromised version
- May 29, 2026
Malware in axis-abc-search-address
1 compromised version
- May 29, 2026
Malicious code in argpras (npm)
- May 29, 2026
Malware in argpras
1 compromised version
- May 29, 2026
Malware in axis-abc-search-account
1 compromised version
- May 29, 2026
Malware in apexomni
1 compromised version
- May 29, 2026
Malicious code in @trp-individual-investor-adv-disc/adv-shared (npm)
1 compromised version
- May 29, 2026
Malicious code in @timelycare/config-service (npm)
- May 29, 2026
Malicious code in @cplace-paw-fe/cf-training-extended (npm)
- May 29, 2026
Malware in @antv/thumbnails
1 compromised version
- May 29, 2026
Malware in @lint-md/parser
1 compromised version
- May 29, 2026
Malware in @timelycare/config-service
1 compromised version
- May 29, 2026
Malware in ally-antivirus
1 compromised version
- May 29, 2026
Malware in ally-json-threat-protect
1 compromised version
- May 29, 2026
Malware in @antv/x6-plugin-scroller
1 compromised version
- May 29, 2026
Malware in @trp-individual-investor-adv-disc/adv-shared
1 compromised version
- May 29, 2026
Malware in @citi-icg-158830/icgds-react-css
1 compromised version
- May 29, 2026
Malware in @cplace-paw-fe/cf-training-extended
1 compromised version
- May 29, 2026
Malware in @breezeai-frontend/tailwind-config
1 compromised version
- May 29, 2026
Malware in @cplace-workflow-fe/cf-workflow
1 compromised version
- May 29, 2026
Malware in @antv/x6-vue-shape
1 compromised version
- May 29, 2026
Malware in @antv/path-util
1 compromised version
- May 29, 2026
Malware in @antv/l7
1 compromised version
- May 29, 2026
Malware in @antv/li-core-assets
1 compromised version
- May 29, 2026
Malware in xmorse
1 compromised version
- May 29, 2026
Malware in @antv/my-f2
1 compromised version
- May 29, 2026
Malware in @antv/g-plugin-svg-renderer
1 compromised version
- May 29, 2026
Malicious code in tailwind-effect (npm)
- May 29, 2026
Malicious code in one-view-chat-ui-module (npm)
1 compromised version
- May 29, 2026
Malware in one-view-chat-ui-module
1 compromised version
- May 29, 2026
Malware in node-ipc
1 compromised version
- May 29, 2026
Malware in reactive-cdk-app
1 compromised version
- May 29, 2026
Malware in @antv/f6-plugin
1 compromised version
- May 29, 2026
Malware in tailwind-effect
1 compromised version
- May 29, 2026
Malicious code in web3-config-loader (npm)
- May 29, 2026
Malware in word-width
1 compromised version
- May 29, 2026
Malware in web3-config-loader
1 compromised version
- May 29, 2026
Malware in @antv/g-math
1 compromised version
Page 68 of 4,802