Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
255,781 total · sorted newest first- Jul 12, 2026
Malicious code in @meziizana/frontend-logger (npm)
1 compromised version
- Jul 12, 2026
Malicious code in react-next-vite (npm)
1 compromised version
- Jul 12, 2026
Malicious code in nullrift (npm)
1 compromised version
- Jul 12, 2026
Malicious code in chain-await-dom (npm)
1 compromised version
- Jul 12, 2026
Malicious code in react-dom-v17 (npm)
1 compromised version
- Jul 12, 2026
Malicious code in library-explorer (npm)
1 compromised version
- Jul 12, 2026
Malicious code in giantswarm (npm)
1 compromised version
- Jul 12, 2026
Malicious code in api-changelly (npm)
1 compromised version
- Jul 12, 2026
Malicious code in gptcore (npm)
3 compromised versions
- Jul 12, 2026
Malicious code in bugexploit (npm)
1 compromised version
- Jul 12, 2026
Malicious code in polylabel-web-lib (npm)
1 compromised version
- Jul 12, 2026
Malicious code in polymarket-kelly-math-stake (npm)
1 compromised version
- Jul 12, 2026
Malicious code in jupiter-sdk (PyPI)
2 compromised versions
- Jul 12, 2026
Malicious code in eth-agent (PyPI)
2 compromised versions
- Jul 12, 2026
Malicious code in metemask-sdk (PyPI)
2 compromised versions
- Jul 12, 2026
Malicious code in solidity-dev (PyPI)
1 compromised version
- Jul 12, 2026
Malicious code in defi-tools (PyPI)
1 compromised version
- Jul 12, 2026
Malicious code in data-harvester (PyPI)
1 compromised version
- Jul 12, 2026
Malicious code in py-base58 (PyPI)
2 compromised versions
- Jul 11, 2026
Malicious code in tinymask-js (npm)
1 compromised version
- Jul 11, 2026
Malicious code in awesome-ts-jest (npm)
1 compromised version
- Jul 11, 2026
Malicious code in tinyparrot (npm)
1 compromised version
- Jul 11, 2026
Malicious code in google-caja-bower (npm)
7 compromised versions
- Jul 11, 2026
Malicious code in authvaultx (npm)
1 compromised version
- Jul 11, 2026
Malicious code in jscrambler (npm)
5 compromised versions
- Jul 10, 2026
Malicious code in @uwr/colors (npm)
1 compromised version
- Jul 10, 2026
Malicious code in fkext-browser-min (npm)
1 compromised version
- Jul 10, 2026
Malicious code in @broadpeak/smartlib-ad (npm)
1 compromised version
- Jul 10, 2026
Malicious code in consumerweb (npm)
1 compromised version
- Jul 10, 2026
Malicious code in express-guardian (npm)
2 compromised versions
- Jul 10, 2026
Malicious code in mongoose-schema-unique (npm)
3 compromised versions
- Jul 10, 2026
Malicious code in auth-next-gen (npm)
3 compromised versions
- Jul 10, 2026
Malicious code in @jaymara/jsononifier (npm)
3 compromised versions
- Jul 10, 2026
Malicious code in chai-as-doc (npm)
1 compromised version
- Jul 10, 2026
Malicious code in uncaxss (npm)
2 compromised versions
- Jul 10, 2026
Malicious code in @injectivelabs/sdk-ts (npm)
1 compromised version
- Jul 10, 2026
Malicious code in paysafe-vault (npm)
1 compromised version
- Jul 10, 2026
Malicious code in paysafe-payments (npm)
1 compromised version
- Jul 10, 2026
Malicious code in paysafe-node (npm)
1 compromised version
- Jul 10, 2026
Malicious code in paysafe-kyc (npm)
1 compromised version
- Jul 10, 2026
Malicious code in paysafe-fraud (npm)
1 compromised version
- Jul 10, 2026
Malicious code in paysafe-js (npm)
1 compromised version
- Jul 10, 2026
Malicious code in paysafe-checkout (npm)
1 compromised version
- Jul 10, 2026
Malicious code in paysafe-api (npm)
1 compromised version
- Jul 10, 2026
Malicious code in type-atob (npm)
1 compromised version
- Jul 10, 2026
Malicious code in llama-tokenizer (npm)
1 compromised version
- Jul 10, 2026
Malicious code in type-async (npm)
1 compromised version
- Jul 10, 2026
Malicious code in @bcryptln/becryptjs (npm)
3 compromised versions
- Jul 10, 2026
Malicious code in rollup-packages-polyfill-core (npm)
2 compromised versions
- Jul 10, 2026
Malicious code in buffer-util-internal (npm)
2 compromised versions
Page 8 of 5,116