Supply Chain Incidents

Malicious packages, backdoors, typosquats, and dependency confusion attacks

228,613
Total Incidents
npmPyPIRubyGemsGocrates.ioNuGetPackagist

hello-world-pkg-value-value-p

npm

MAL-2026-3714

Malicious code in hello-world-pkg-value-value-p (npm)

Malware
May 2026

truffle-js

npm

MAL-2026-3717

Malicious code in truffle-js (npm)

Malware
May 2026

hardhat-common

npm

MAL-2026-3712

Malicious code in hardhat-common (npm)

Malware
May 2026

hardhat-core

npm

MAL-2026-3713

Malicious code in hardhat-core (npm)

Malware
May 2026

ethers-io

npm

MAL-2026-3708

Malicious code in ethers-io (npm)

Malware
May 2026

solc-helper

npm

MAL-2026-3715

Malicious code in solc-helper (npm)

Malware
May 2026

ethers-common

npm

MAL-2026-3707

Malicious code in ethers-common (npm)

Malware
May 2026

truffle-helper

npm

MAL-2026-3716

Malicious code in truffle-helper (npm)

Malware
May 2026

web3-common

npm

MAL-2026-3718

Malicious code in web3-common (npm)

Malware
May 2026

web3-core-js

npm

MAL-2026-3719

Malicious code in web3-core-js (npm)

Malware
May 2026

openai-spellcheckers

PyPI

MAL-2026-3638

Malicious code in openai-spellcheckers (PyPI)

Malware
May 2026

d4rktg

PyPI

MAL-2026-3688

Malicious code in d4rktg (PyPI)

Backdoor
May 2026

@dropout-ai/runtime

npm

MAL-2026-3683

Malicious code in @dropout-ai/runtime (npm)

Malware
May 2026

intercom-php

Packagist

MAL-2026-3637

Malicious code in intercom-php (Packagist)

Malware
May 2026

knot-rails-assets-pipeline

RubyGems

MAL-2026-3634

Malicious code in knot-rails-assets-pipeline (RubyGems)

Malware
May 2026

github.com/BufferZoneCorp/go-weather-sdk

Go

MAL-2026-3626

Malicious code in github.com/BufferZoneCorp/go-weather-sdk (Go)

Malware
May 2026

github.com/BufferZoneCorp/grpc-client

Go

MAL-2026-3627

Malicious code in github.com/BufferZoneCorp/grpc-client (Go)

Malware
May 2026

github.com/BufferZoneCorp/go-stdlog

Go

MAL-2026-3625

Malicious code in github.com/BufferZoneCorp/go-stdlog (Go)

Malware
May 2026

github.com/BufferZoneCorp/log-core

Go

MAL-2026-3628

Malicious code in github.com/BufferZoneCorp/log-core (Go)

Malware
May 2026

knot-devise-jwt-helper

RubyGems

MAL-2026-3632

Malicious code in knot-devise-jwt-helper (RubyGems)

Malware
May 2026

knot-simple-formatter

RubyGems

MAL-2026-3636

Malicious code in knot-simple-formatter (RubyGems)

Malware
May 2026

github.com/BufferZoneCorp/go-envconfig

Go

MAL-2026-3621

Malicious code in github.com/BufferZoneCorp/go-envconfig (Go)

Malware
May 2026

github.com/BufferZoneCorp/net-helper

Go

MAL-2026-3629

Malicious code in github.com/BufferZoneCorp/net-helper (Go)

Malware
May 2026

github.com/BufferZoneCorp/go-retryablehttp

Go

MAL-2026-3623

Malicious code in github.com/BufferZoneCorp/go-retryablehttp (Go)

Malware
May 2026
Showing 2857 - 2880 of 228,613
PreviousNext
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001