Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
11,558 total in pypi · sorted newest first- May 31, 2022
Malicious code in requuests (PyPI)
- May 31, 2022
Malicious code in requestts (PyPI)
- May 31, 2022
Malicious code in requessts (PyPI)
- May 31, 2022
Malicious code in requess (PyPI)
- May 31, 2022
Malicious code in requeests (PyPI)
- May 31, 2022
Malicious code in reqquests (PyPI)
- May 31, 2022
Malicious code in reequests (PyPI)
- May 31, 2022
Malicious code in equests (PyPI)
Page 232 of 232