Supply Chain Incidents

Malicious packages, backdoors, typosquats, and dependency confusion attacks

228,576
Total Incidents
npmPyPIRubyGemsGocrates.ioNuGetPackagist

fusion-events

npm

MAL-2026-2692

Malicious code in fusion-events (npm)

Malware
Apr 2026

@pnc-ref/harmony-support-v18

npm

MAL-2026-2690

Malicious code in @pnc-ref/harmony-support-v18 (npm)

Malware
Apr 2026

@pnc-ref/harmony-core-v18

npm

MAL-2026-2689

Malicious code in @pnc-ref/harmony-core-v18 (npm)

Malware
Apr 2026

@pnc-cib/cib-core-lib

npm

MAL-2026-2688

Malicious code in @pnc-cib/cib-core-lib (npm)

Malware
Apr 2026

com.baogong.app_push_permission

npm

MAL-2026-2687

Malicious code in com.baogong.app_push_permission (npm)

Malware
Apr 2026

react-dom-19

npm

MAL-2026-2685

Malicious code in react-dom-19 (npm)

Malware
Apr 2026

neverinstallme

PyPI

MAL-2026-2686

Malicious code in neverinstallme (PyPI)

Malware
Apr 2026

tensorzero-node

npm

MAL-2026-2684

Malicious code in tensorzero-node (npm)

Malware
Apr 2026

@athena-ui-components/axios

npm

MAL-2026-2683

Malicious code in @athena-ui-components/axios (npm)

Malware
Apr 2026

@athena-ui-components/dashboard-widget

npm

MAL-2026-2681

Malicious code in @athena-ui-components/dashboard-widget (npm)

Malware
Apr 2026

@athena-ui-components/deeplink

npm

MAL-2026-2682

Malicious code in @athena-ui-components/deeplink (npm)

Malware
Apr 2026

@jesusvizcaino2021/com.baogong.app-push-permission

npm

MAL-2026-2916

Malicious code in @jesusvizcaino2021/com.baogong.app-push-permission (npm)

Malware
Apr 2026

js-logger-pack

npm

MAL-2026-2827

Malicious code in js-logger-pack (npm)

Malware
Apr 2026

@veygo/component-library

npm

MAL-2026-2680

Malicious code in @veygo/component-library (npm)

Malware
Apr 2026

pdf-linker

npm

MAL-2026-2677

Malicious code in pdf-linker (npm)

Malware
Apr 2026

snitz-chief-cloud-config

npm

MAL-2026-2679

Malicious code in snitz-chief-cloud-config (npm)

Malware
Apr 2026

snitz-chief-cloud

npm

MAL-2026-2678

Malicious code in snitz-chief-cloud (npm)

Malware
Apr 2026

chief-proxy-out

npm

MAL-2026-2674

Malicious code in chief-proxy-out (npm)

Malware
Apr 2026

chief-documentation

npm

MAL-2026-2673

Malicious code in chief-documentation (npm)

Malware
Apr 2026

moscova-plural-json-parser

npm

MAL-2026-2676

Malicious code in moscova-plural-json-parser (npm)

Malware
Apr 2026

mongoose-stamps

npm

MAL-2026-2675

Malicious code in mongoose-stamps (npm)

Malware
Apr 2026

ahmed_salem_ph

npm

MAL-2026-2672

Malicious code in ahmed_salem_ph (npm)

Malware
Apr 2026

github.com/zarf-dev/zarf

Go

GHSA-pj97-4p9w-gx3q

Zarf has a Path Traversal via Malicious Package Metadata.Name — Arbitrary File Write

Malware
1 CVE
Apr 2026

kryptex-os

PyPI

MAL-2026-2671

Malicious code in kryptex-os (PyPI)

Typosquat
Apr 2026
Showing 3793 - 3816 of 228,576
PreviousNext
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001