Malicious packages
Malware feed
Every package version published with malicious code, federated from OSV.dev's MAL-* feed: GitHub malware advisories, Snyk, PyPI removed-malware, OSS-Fuzz, and others. These are not CVE-style vulnerabilities — they're intentionally malicious uploads (typosquats, compromised maintainer tokens, worm-style campaigns like Shai-Hulud).
Recent advisories
255,987 total · sorted newest first- Jun 19, 2026
Malicious code in chai-as-attested (npm)
1 compromised version
- Jun 19, 2026
Malicious code in chai-as-uphelded (npm)
1 compromised version
- Jun 19, 2026
Malicious code in new-mjs-eslint (npm)
1 compromised version
- Jun 19, 2026
Malicious code in mjs-eslint (npm)
1 compromised version
- Jun 19, 2026
Malicious code in new-eslint-1 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in new-eslint (npm)
1 compromised version
- Jun 19, 2026
Malicious code in new-ts-helper (npm)
1 compromised version
- Jun 19, 2026
Malicious code in chai-as-forgeted (npm)
1 compromised version
- Jun 19, 2026
Malicious code in fastercoding (PyPI)
1 compromised version
- Jun 19, 2026
Malicious code in fastercode (PyPI)
3 compromised versions
- Jun 19, 2026
Malicious code in shoaib-done-pack (PyPI)
1 compromised version
- Jun 19, 2026
Malicious code in ts-esys (npm)
1 compromised version
- Jun 19, 2026
Malicious code in ts-ecro-helper (npm)
1 compromised version
- Jun 19, 2026
Malware in ts-ecro-helper
1 compromised version
- Jun 19, 2026
Malware in ts-ecro
1 compromised version
- Jun 19, 2026
Malware in new-ecro
1 compromised version
- Jun 19, 2026
Malware in ts-esys
1 compromised version
- Jun 19, 2026
Malware in ts-big-ecro
1 compromised version
- Jun 19, 2026
Malicious code in mongoose-jsonify (npm)
- Jun 19, 2026
Malware in pretty-logger-js
1 compromised version
- Jun 19, 2026
Malware in mongoose-jsonify
1 compromised version
- Jun 19, 2026
Malicious code in eth-util (npm)
1 compromised version
- Jun 19, 2026
Malicious code in assert-kit (npm)
1 compromised version
- Jun 19, 2026
Malware in eth-util
1 compromised version
- Jun 19, 2026
Malware in assert-kit
1 compromised version
- Jun 19, 2026
Malicious code in ethereum-gas-reporter (npm)
1 compromised version
- Jun 19, 2026
Malware in ethereum-gas-reporter
1 compromised version
- Jun 19, 2026
Malicious code in build-tracker-n5p1 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in ts-big-ecro (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in new-ecro-1 (npm)
3 compromised versions
- Jun 19, 2026
Malicious code in new-ecro (npm)
3 compromised versions
- Jun 19, 2026
Malicious code in node-slot (npm)
3 compromised versions
- Jun 19, 2026
Malicious code in ordered-btree (npm)
1 compromised version
- Jun 19, 2026
Malicious code in @mep-exp/api-tools (npm)
1 compromised version
- Jun 19, 2026
Malicious code in @qlab/component-intelligence (npm)
1 compromised version
- Jun 19, 2026
Malicious code in nodepathbalance54 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in conversa-sdk (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in electron-internal-utils (npm)
1 compromised version
- Jun 19, 2026
Malicious code in eyee (npm)
1 compromised version
- Jun 19, 2026
Malicious code in portloop (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in ts-linter-builders (npm)
1 compromised version
- Jun 19, 2026
Malicious code in eslint-helper-1 (npm)
1 compromised version
- Jun 19, 2026
Malicious code in mjs-eslint-helper (npm)
1 compromised version
- Jun 19, 2026
Malicious code in eslint-helper (npm)
2 compromised versions
- Jun 19, 2026
Malicious code in fluent-panel-metrics (PyPI)
1 compromised version
- Jun 18, 2026
Malicious code in node-vfs-polyfill (npm)
2 compromised versions
- Jun 18, 2026
Malicious code in db-connector-log (npm)
2 compromised versions
- Jun 18, 2026
Malicious code in runtime-query (npm)
1 compromised version
- Jun 18, 2026
Malicious code in clx-cookie-signature (npm)
1 compromised version
- Jun 18, 2026
Malicious code in @httpactions/strict-uri-encode (npm)
1 compromised version
Page 93 of 5,120