Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
255,981 total · sorted newest first- Jun 30, 2026
Malicious code in quoting (npm)
- Jun 30, 2026
Malicious code in brock-react-alerts (npm)
- Jun 30, 2026
Malicious code in brock-loader (npm)
- Jun 30, 2026
Malicious code in setup-cicd (npm)
1 compromised version
- Jun 30, 2026
Malicious code in postcss-property-rollup (npm)
1 compromised version
- Jun 30, 2026
Malicious code in nbmolviz-js (npm)
1 compromised version
- Jun 30, 2026
Malicious code in confluent-kafka-javascript (npm)
1 compromised version
- Jun 30, 2026
Malicious code in agent-starter-pack (npm)
1 compromised version
- Jun 30, 2026
Malicious code in ts-linting-builder (npm)
1 compromised version
- Jun 30, 2026
Malicious code in ts-lint-builders-v2.1 (npm)
1 compromised version
- Jun 30, 2026
Malicious code in rs-biginteger (npm)
2 compromised versions
- Jun 30, 2026
Malicious code in terminal-prettier (npm)
54 compromised versions
- Jun 30, 2026
Malicious code in vue-demi-fix (npm)
3 compromised versions
- Jun 30, 2026
Malicious code in ripshakti1 (npm)
1 compromised version
- Jun 30, 2026
Malicious code in anthropic-toolkit (npm)
22 compromised versions
- Jun 30, 2026
Malicious code in ts-bn-proto (npm)
1 compromised version
- Jun 30, 2026
Malicious code in thirdwebb (npm)
1 compromised version
- Jun 30, 2026
Malicious code in thirdwb (npm)
1 compromised version
- Jun 30, 2026
Malicious code in polymarket-trading-developer-tools (npm)
2 compromised versions
- Jun 30, 2026
Malicious code in polymarket-clob-maths (npm)
2 compromised versions
- Jun 30, 2026
Malicious code in log-taker1 (npm)
1 compromised version
- Jun 30, 2026
Malicious code in decimal-format-core (npm)
7 compromised versions
- Jun 30, 2026
Malicious code in console-fmt-cli (npm)
11 compromised versions
- Jun 29, 2026
Malicious code in coolbox (PyPI)
2 compromised versions
- Jun 29, 2026
Malicious code in cmd2func (PyPI)
2 compromised versions
- Jun 29, 2026
Malicious code in bramin (PyPI)
3 compromised versions
- Jun 29, 2026
Malicious code in tlask (PyPI)
2 compromised versions
- Jun 29, 2026
Malicious code in rlask (PyPI)
5 compromised versions
- Jun 29, 2026
Malicious code in @webda-infra-ui/static-images (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @sixt-payment/form-react (npm)
- Jun 29, 2026
Malicious code in @digitalpharmacist/http-error-util (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @deel-ui/animation (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @deel-core/client-payroll-onboarding-types (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @cseo-hr/trpweb-shared (npm)
- Jun 29, 2026
Malicious code in @contentprod-authoring/block-manager (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @concerns/i18n (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @bscom/styling (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @bodata/angular-client (npm)
- Jun 29, 2026
Malicious code in @bc-workspace/utils (npm)
- Jun 29, 2026
Malicious code in @appsource/utils (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @alerts/components (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @tbe-ui/ides (npm)
- Jun 29, 2026
Malicious code in @report-portal/service-ui (npm)
- Jun 29, 2026
Malicious code in @react-thee/rapier (npm)
- Jun 29, 2026
Malicious code in @postman-app-monolith/renderer (npm)
- Jun 29, 2026
Malicious code in @postidigital-feature/oneaccount-orgadmin-front (npm)
- Jun 29, 2026
Malicious code in @planetlabs/admin-ng (npm)
- Jun 29, 2026
Malicious code in @orbis-lr-sdk/orbis-lr-sdk (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @ms-ows/logging (npm)
1 compromised version
- Jun 29, 2026
Malicious code in @meego-progressive/cdk (npm)
1 compromised version
Page 83 of 5,120