Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
11,558 total in pypi · sorted newest first- Feb 9, 2023
Malicious code in freqqtrade (PyPI)
- Feb 9, 2023
Malicious code in freqtrde (PyPI)
- Feb 9, 2023
Malicious code in freqtrad (PyPI)
- Feb 9, 2023
Malicious code in freqtrae (PyPI)
- Feb 9, 2023
Malicious code in freqtradee (PyPI)
- Feb 9, 2023
Malicious code in freqrade (PyPI)
- Feb 9, 2023
Malicious code in frqtrade (PyPI)
- Feb 9, 2023
Malicious code in fretqrade (PyPI)
- Feb 9, 2023
Malicious code in freqttrade (PyPI)
- Feb 9, 2023
Malicious code in freqtrrade (PyPI)
- Feb 9, 2023
Malicious code in freqtradde (PyPI)
- Feb 9, 2023
Malicious code in fretrade (PyPI)
- Feb 9, 2023
Malicious code in freqrtade (PyPI)
- Feb 9, 2023
Malicious code in feqtrade (PyPI)
- Feb 9, 2023
Malicious code in freeqtrade (PyPI)
- Feb 9, 2023
Malicious code in freqtraade (PyPI)
- Feb 9, 2023
Malicious code in frreqtrade (PyPI)
- Feb 9, 2023
Malicious code in reqtrade (PyPI)
- Feb 9, 2023
Malicious code in ferqtrade (PyPI)
- Feb 9, 2023
Malicious code in cxct (PyPI)
- Feb 9, 2023
Malicious code in freqtade (PyPI)
- Feb 9, 2023
Malicious code in cxt (PyPI)
- Feb 9, 2023
Malicious code in ccx (PyPI)
- Feb 9, 2023
Malicious code in cccxt (PyPI)
- Feb 9, 2023
Malicious code in ccxtt (PyPI)
- Feb 9, 2023
Malicious code in ccxxt (PyPI)
- Jan 1, 2023
Malicious code in fredli (PyPI)
1 compromised version
- Jan 1, 2023
Malicious code in fredmi (PyPI)
1 compromised version
- Aug 30, 2022
Malicious code in winrpcexploit (PyPI)
- Aug 30, 2022
WINRPCexploit malicious PyPI package
1 compromised version
- Aug 30, 2022
Malicious code in browserdiv (PyPI)
- Aug 30, 2022
browserdiv malicious PyPI package
1 compromised version
- Aug 30, 2022
Malicious code in zlibsrc (PyPI)
- Aug 30, 2022
zlibsrc malicious PyPI package
1 compromised version
- Aug 30, 2022
Malicious code in free-net-vpn2 (PyPI)
- Aug 30, 2022
free-net-vpn2 malicious PyPI package
1 compromised version
- Aug 30, 2022
Malicious code in free-net-vpn (PyPI)
- Aug 30, 2022
free-net-vpn malicious PyPI package
1 compromised version
- Aug 30, 2022
Malicious code in test-async (PyPI)
- Aug 30, 2022
test-async malicious PyPI package
1 compromised version
- Aug 30, 2022
Malicious code in pyproto2 (PyPI)
- Aug 30, 2022
PyProto2 malicious PyPI package
1 compromised version
- Aug 30, 2022
Malicious code in pymocks (PyPI)
- Aug 30, 2022
pymocks malicious PyPI package
1 compromised version
- Aug 30, 2022
Malicious code in pyg-utils (PyPI)
- Aug 30, 2022
pyg-utils malicious PyPI package
1 compromised version
- Aug 30, 2022
Malicious code in ascii2text (PyPI)
- Aug 30, 2022
ascii2text malicious PyPI package
1 compromised version
- May 31, 2022
Malicious code in rrequests (PyPI)
- May 31, 2022
Malicious code in reuests (PyPI)
Page 231 of 232