Malicious packages

Malware feed

Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).

Recent advisories

225,882 total · sorted newest first

MAL-2022-6213Malwarenpmsomewhereinbetween
May 17, 2022
Malicious code in somewhereinbetween (npm)
MAL-2022-6905Malwarenpmvenzuella333
May 17, 2022
Malicious code in venzuella333 (npm)
MAL-2022-2573Malwarenpmdortmond22
May 17, 2022
Malicious code in dortmond22 (npm)
MAL-2022-6904Malwarenpmvenzuela-oil
May 17, 2022
Malicious code in venzuela-oil (npm)
MAL-2022-4897Malwarenpmnodefreaksolivan
May 17, 2022
Malicious code in nodefreaksolivan (npm)
MAL-2022-6550Malwarenpmtheremontada12
May 17, 2022
Malicious code in theremontada12 (npm)
MAL-2022-2565Malwarenpmdontblowthisoff
May 17, 2022
Malicious code in dontblowthisoff (npm)
MAL-2022-5915Malwarenpmsameethinghere101
May 17, 2022
Malicious code in sameethinghere101 (npm)
MAL-2022-1540Malwarenpmbfx-hf-func-data
May 17, 2022
Malicious code in bfx-hf-func-data (npm)
MAL-2022-6560Malwarenpmthreatresponse
May 17, 2022
Malicious code in threatresponse (npm)
MAL-2022-6508Malwarenpmtestapp00009
May 17, 2022
Malicious code in testapp00009 (npm)
MAL-2022-6399Malwarenpmsystemuser
May 17, 2022
Malicious code in systemuser (npm)
MAL-2022-940Malwarenpmalimaa
May 17, 2022
Malicious code in alimaa (npm)
MAL-2022-7415Malwarenpmzuanshi
May 17, 2022
Malicious code in zuanshi (npm)
MAL-2022-7306Malwarenpmyadanga
May 17, 2022
Malicious code in yadanga (npm)
MAL-2022-7278Malwarenpmxiawaa
May 17, 2022
Malicious code in xiawaa (npm)
MAL-2022-7036Malwarenpmwakakaa
May 17, 2022
Malicious code in wakakaa (npm)
MAL-2022-580Malwarenpm@seller-ui/settings
May 17, 2022
Malicious code in @seller-ui/settings (npm)
MAL-2022-2826Malwarenpmeslint-plugin-seller-ui-eslint-plugin
May 17, 2022
Malicious code in eslint-plugin-seller-ui-eslint-plugin (npm)
MAL-2022-579Malwarenpm@seller-ui/products
May 17, 2022
Malicious code in @seller-ui/products (npm)
MAL-2022-4291Malwarenpmlexical-website-new
May 16, 2022
Malicious code in lexical-website-new (npm)
MAL-2022-1991Malwarenpmcoldstone-sls
May 16, 2022
Malicious code in coldstone-sls (npm)
MAL-2022-1990Malwarenpmcoldstone-helpers
May 16, 2022
Malicious code in coldstone-helpers (npm)
MAL-2022-1824Malwarenpmcap-products
May 16, 2022
Malicious code in cap-products (npm)
MAL-2022-1823Malwarenpmcap-common-pages
May 16, 2022
Malicious code in cap-common-pages (npm)
MAL-2022-1645Malwarenpmbolt-styles
May 16, 2022
Malicious code in bolt-styles (npm)
MAL-2022-1142Malwarenpmassets-common
May 16, 2022
Malicious code in assets-common (npm)
MAL-2022-4264Malwarenpmlbc-git
May 16, 2022
Malicious code in lbc-git (npm)
MAL-2022-5577Malwarenpmrainbow-bridge-testing
May 16, 2022
Malicious code in rainbow-bridge-testing (npm)
MAL-2022-1040Malwarenpmapi-extractor-test-01
May 16, 2022
Malicious code in api-extractor-test-01 (npm)
MAL-2022-236Malwarenpm@epc-infra/app-lookup-stack
May 16, 2022
Malicious code in @epc-infra/app-lookup-stack (npm)
MAL-2022-248Malwarenpm@epc-libraries/utils
May 16, 2022
Malicious code in @epc-libraries/utils (npm)
MAL-2022-247Malwarenpm@epc-libraries/kinesis-service
May 16, 2022
Malicious code in @epc-libraries/kinesis-service (npm)
MAL-2022-1929Malwarenpmclinstestpackage
May 16, 2022
Malicious code in clinstestpackage (npm)
MAL-2022-246Malwarenpm@epc-libraries/driver-outage-db
May 16, 2022
Malicious code in @epc-libraries/driver-outage-db (npm)
MAL-2022-237Malwarenpm@epc-infra/aurora-stack
May 16, 2022
Malicious code in @epc-infra/aurora-stack (npm)
MAL-2022-245Malwarenpm@epc-libraries/data-api-versions
May 16, 2022
Malicious code in @epc-libraries/data-api-versions (npm)
MAL-2022-233Malwarenpm@epc-apps/api-management-plan
May 16, 2022
Malicious code in @epc-apps/api-management-plan (npm)
MAL-2022-244Malwarenpm@epc-libraries/cdk-custom-resources
May 16, 2022
Malicious code in @epc-libraries/cdk-custom-resources (npm)
MAL-2022-242Malwarenpm@epc-infra/stack-config
May 16, 2022
Malicious code in @epc-infra/stack-config (npm)
MAL-2022-241Malwarenpm@epc-infra/region-only-policy
May 16, 2022
Malicious code in @epc-infra/region-only-policy (npm)
MAL-2022-240Malwarenpm@epc-infra/dynamo-stack
May 16, 2022
Malicious code in @epc-infra/dynamo-stack (npm)
MAL-2022-239Malwarenpm@epc-infra/dns-stack
May 16, 2022
Malicious code in @epc-infra/dns-stack (npm)
MAL-2022-238Malwarenpm@epc-infra/clinstestpackage
May 16, 2022
Malicious code in @epc-infra/clinstestpackage (npm)
MAL-2022-231Malwarenpm@epc-apps/api-generic-plan
May 16, 2022
Malicious code in @epc-apps/api-generic-plan (npm)
MAL-2022-243Malwarenpm@epc-infra/users-stack
May 16, 2022
Malicious code in @epc-infra/users-stack (npm)
MAL-2022-234Malwarenpm@epc-apps/api-outages
May 16, 2022
Malicious code in @epc-apps/api-outages (npm)
MAL-2022-232Malwarenpm@epc-apps/api-ingestor
May 16, 2022
Malicious code in @epc-apps/api-ingestor (npm)
MAL-2022-230Malwarenpm@epc-apps/alert-servie
May 16, 2022
Malicious code in @epc-apps/alert-servie (npm)
MAL-2022-2020Malwarenpmcolors-update
May 16, 2022
Malicious code in colors-update (npm)

Page 4517 of 4,518