Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,070 total in npm · sorted newest first- May 29, 2026
Malicious code in tailwindcss-basic-animation (npm)
- May 29, 2026
Malicious code in tailwind-smooth-slider (npm)
- May 29, 2026
Malicious code in ota_web_admin (npm)
- May 29, 2026
Malicious code in evmchain-config (npm)
- May 29, 2026
Malicious code in evmchain-cli (npm)
- May 29, 2026
Malware in tailwind-smooth-slider
1 compromised version
- May 29, 2026
Malware in fixed-round
1 compromised version
- May 29, 2026
Malware in ota_web_admin
1 compromised version
- May 29, 2026
Malware in jest-date-mock
1 compromised version
- May 29, 2026
Malware in tailwindcss-basic-animation
1 compromised version
- May 29, 2026
Malware in evmchain-config
1 compromised version
- May 29, 2026
Malware in evmchain-cli
1 compromised version
- May 29, 2026
Malware in @antv/algorithm
1 compromised version
- May 29, 2026
Malware in @antv/async-hook
1 compromised version
- May 29, 2026
Malware in ethers-abstract-signer
1 compromised version
- May 29, 2026
Malware in @antv/dw-analyzer
1 compromised version
- May 29, 2026
Malicious code in raven-i18n-react (npm)
1 compromised version
- May 29, 2026
Malicious code in chai-use-test (npm)
2 compromised versions
- May 29, 2026
Malicious code in chai-extensions-extras (npm)
2 compromised versions
- May 29, 2026
Malware in canvas-nest.js
1 compromised version
- May 29, 2026
Malware in onfire.js
1 compromised version
- May 29, 2026
Malware in chai-extensions-extras
1 compromised version
- May 29, 2026
Malware in apexomni-node
1 compromised version
- May 29, 2026
Malware in chai-use-test
1 compromised version
- May 29, 2026
Malware in power-apps
1 compromised version
- May 29, 2026
Malware in raven-i18n-react
1 compromised version
- May 29, 2026
Malware in slice.js
1 compromised version
- May 29, 2026
Malware in apexpro
1 compromised version
- May 29, 2026
Malicious code in tailwind-clamps-line (npm)
- May 29, 2026
Malicious code in react-svg-animator (npm)
- May 29, 2026
Malicious code in private-next-instrumentation-client (npm)
- May 29, 2026
Malware in miz
1 compromised version
- May 29, 2026
Malware in tailwind-typography-cssstyle
1 compromised version
- May 29, 2026
Malware in react-svg-animator
1 compromised version
- May 29, 2026
Malware in private-next-instrumentation-client
1 compromised version
- May 29, 2026
Malware in mmt-static
1 compromised version
- May 29, 2026
Malware in tailwind-clamps-line
1 compromised version
- May 29, 2026
Malicious code in gcp-api-enabler (npm)
1 compromised version
- May 29, 2026
Malicious code in ethers-errors (npm)
- May 29, 2026
Malware in erslove
1 compromised version
- May 29, 2026
Malware in gcp-api-enabler
1 compromised version
- May 29, 2026
Malware in material-ui-plugin-cache-endpoint
1 compromised version
- May 29, 2026
Malware in nextjs-chat-with-ai-service
1 compromised version
- May 29, 2026
Malware in ethers-errors
1 compromised version
- May 29, 2026
Malicious code in @timelycare/core (npm)
- May 29, 2026
Malicious code in @timelycare/api (npm)
- May 29, 2026
Malicious code in @tc-core/provider-service (npm)
- May 29, 2026
Malicious code in @rsi-community/hub-client-app (npm)
1 compromised version
- May 29, 2026
Malware in @tc-core/provider-service
1 compromised version
- May 29, 2026
Malware in @lint-md/core
1 compromised version
Page 69 of 4,802