Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
255,987 total · sorted newest first- Jun 22, 2026
Malicious code in @lazyutil/dater (npm)
5 compromised versions
- Jun 22, 2026
Malicious code in @glitchpad/throttler (npm)
5 compromised versions
- Jun 22, 2026
Malicious code in @frostnode/waitfor (npm)
5 compromised versions
- Jun 22, 2026
Malicious code in forge-jsx4 (npm)
1 compromised version
- Jun 22, 2026
Malicious code in respects-switch (npm)
1 compromised version
- Jun 22, 2026
Malicious code in onboarding-respects-modal (npm)
1 compromised version
- Jun 22, 2026
Malicious code in crud-respect (npm)
1 compromised version
- Jun 22, 2026
Malicious code in inversiones-common (PyPI)
2 compromised versions
- Jun 21, 2026
Malicious code in fork-angular-daterangepicker (npm)
3 compromised versions
- Jun 21, 2026
Malicious code in hyperpure-core (npm)
1 compromised version
- Jun 21, 2026
Malicious code in blinkit-core (npm)
1 compromised version
- Jun 21, 2026
Malicious code in zomato-sushi (npm)
1 compromised version
- Jun 21, 2026
Malicious code in zomato-logger (npm)
1 compromised version
- Jun 21, 2026
Malicious code in zomato-server (npm)
1 compromised version
- Jun 21, 2026
Malicious code in zomato-config (npm)
1 compromised version
- Jun 21, 2026
Malicious code in jsonschema-viewer (PyPI)
1 compromised version
- Jun 20, 2026
Malicious code in requests-enhancer (PyPI)
1 compromised version
- Jun 20, 2026
Malicious code in sf-storybook (npm)
1 compromised version
- Jun 20, 2026
Malicious code in d0rk3r (PyPI)
16 compromised versions
- Jun 20, 2026
Malicious code in d0rk3r-telemetry (PyPI)
2 compromised versions
- Jun 20, 2026
Malicious code in request-cache-py (PyPI)
11 compromised versions
- Jun 20, 2026
Malicious code in free-anthropic-claude (npm)
26 compromised versions
- Jun 20, 2026
Malicious code in atlasora-config (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-shared (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-api (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-types (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-utils (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-sdk (npm)
1 compromised version
- Jun 20, 2026
Malicious code in atlasora-client (npm)
1 compromised version
- Jun 20, 2026
Malicious code in @withgoogle/stitch-sdk (npm)
5 compromised versions
- Jun 20, 2026
Malicious code in query-profile (PyPI)
3 compromised versions
- Jun 20, 2026
Malicious code in yian666aikf (npm)
1 compromised version
- Jun 20, 2026
Malicious code in yianzzkf6687 (npm)
1 compromised version
- Jun 20, 2026
Malicious code in fluent-dashboard-panel-metrics (PyPI)
1 compromised version
- Jun 19, 2026
Malicious code in improvado-layout-panel-metrics (PyPI)
2 compromised versions
- Jun 19, 2026
Malicious code in django-auth-middleware-plus (PyPI)
1 compromised version
- Jun 19, 2026
Malicious code in free-claude (npm)
3 compromised versions
- Jun 19, 2026
Malicious code in base_parts_ai (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in routecraft (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in aikaf668897 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in aikaf6688812 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in aikaf788812 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in create-mono-package (npm)
1 compromised version
- Jun 19, 2026
Malicious code in @chunklab/hexparse (npm)
5 compromised versions
- Jun 19, 2026
Malicious code in @bytemend/mfebus (npm)
6 compromised versions
- Jun 19, 2026
Malicious code in @briskforge/envcheck (npm)
4 compromised versions
- Jun 19, 2026
Malicious code in @apexcraft/nano-key (npm)
9 compromised versions
- Jun 19, 2026
Malicious code in @apiwizards/auth-middleware (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in @antoncarlos1/nodelamp (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in chai-assert-kit (npm)
1 compromised version
Page 92 of 5,120