Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
240,073 total in npm · sorted newest first- May 25, 2026
Malicious code in jsontoken-extend (npm)
14 compromised versions
- May 25, 2026
Malicious code in vue-compiler-sfc-plugin (npm)
2 compromised versions
- May 25, 2026
Malicious code in web-dotenv (npm)
1 compromised version
- May 25, 2026
Malicious code in chromestaff-baileys (npm)
1 compromised version
- May 25, 2026
Malicious code in wml-components (npm)
1 compromised version
- May 25, 2026
Malicious code in wml-core (npm)
1 compromised version
- May 25, 2026
Malicious code in tempo-modules (npm)
1 compromised version
- May 25, 2026
Malicious code in walmart-shared-modules (npm)
1 compromised version
- May 25, 2026
Malicious code in platform-tempo (npm)
1 compromised version
- May 25, 2026
Malicious code in tempo-components (npm)
1 compromised version
- May 25, 2026
Malicious code in intl-ads (npm)
3 compromised versions
- May 25, 2026
Malicious code in tempo-shared-modules (npm)
3 compromised versions
- May 25, 2026
Malicious code in tempo-layout (npm)
3 compromised versions
- May 25, 2026
Malicious code in intl-ad-routing (npm)
3 compromised versions
- May 25, 2026
Malicious code in itc-actors-api (npm)
1 compromised version
- May 25, 2026
Malicious code in koishi-plugin-fusheng-count (npm)
1 compromised version
- May 25, 2026
Malicious code in claude-channel-imessage (npm)
1 compromised version
- May 25, 2026
Malicious code in koishi-plugin-fusheng-car (npm)
1 compromised version
- May 25, 2026
Malicious code in emojifancy-print (npm)
1 compromised version
- May 25, 2026
Malicious code in clobprice.api (npm)
3 compromised versions
- May 25, 2026
Malicious code in clob.api (npm)
1 compromised version
- May 25, 2026
Malicious code in @devcarron/clob (npm)
1 compromised version
- May 25, 2026
Malicious code in atel-mcp-openclaw (npm)
2 compromised versions
- May 25, 2026
Malicious code in clawpro-diagnostics-metrics-cls (npm)
1 compromised version
- May 25, 2026
Malicious code in muaddib-scanner (npm)
1 compromised version
- May 25, 2026
Malicious code in opentiny-react (npm)
1 compromised version
- May 25, 2026
Malicious code in auth-basic-vault (npm)
1 compromised version
- May 25, 2026
Malicious code in msc-terminal (npm)
1 compromised version
- May 25, 2026
Malicious code in authcascade (npm)
2 compromised versions
- May 25, 2026
Malicious code in @pmate/utils (npm)
1 compromised version
- May 25, 2026
Malicious code in raise-common-lib (npm)
1 compromised version
- May 25, 2026
Malicious code in chai-as-patch (npm)
1 compromised version
- May 25, 2026
Malicious code in ts-stream-compose (npm)
- May 25, 2026
Malicious code in jules-standard (npm)
- May 25, 2026
Malware in @gbrlxvii/ts-project-lint
1 compromised version
- May 25, 2026
Malware in ts-stream-compose
1 compromised version
- May 25, 2026
Malware in jules-standard
1 compromised version
- May 25, 2026
Malware in @gbrlxvii/ts-form-utils
1 compromised version
- May 25, 2026
Malicious code in ts-typeguard-utils (npm)
- May 25, 2026
Malicious code in ts-schema-config (npm)
- May 25, 2026
Malicious code in ts-result-pipe (npm)
- May 25, 2026
Malicious code in ts-iter-utils (npm)
- May 25, 2026
Malicious code in ts-config-mapper (npm)
- May 25, 2026
Malicious code in @gbrlxvii/ts-env-validator (npm)
- May 25, 2026
Malware in ts-typeguard-utils
1 compromised version
- May 25, 2026
Malware in ts-schema-config
1 compromised version
- May 25, 2026
Malware in ts-config-mapper
1 compromised version
- May 25, 2026
Malware in ts-iter-utils
1 compromised version
- May 25, 2026
Malware in ts-result-pipe
1 compromised version
- May 25, 2026
Malware in @gbrlxvii/ts-env-validator
1 compromised version
Page 79 of 4,802