Supply Chain Incidents

Malicious packages, backdoors, typosquats, and dependency confusion attacks

228,624
Total Incidents
npmPyPIRubyGemsGocrates.ioNuGetPackagist

syntax-class-constructor-call

npm

MAL-0000-phantomraven-syntax-class-constructor-call

Malicious npm package: syntax-class-constructor-call (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

transform-es2015-parameters

npm

MAL-0000-phantomraven-transform-es2015-parameters

Malicious npm package: transform-es2015-parameters (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

transform-undefined-to-void

npm

MAL-0000-phantomraven-transform-undefined-to-void

Malicious npm package: transform-undefined-to-void (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

filenames-simple

npm

MAL-0000-phantomraven-filenames-simple

Malicious npm package: filenames-simple (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

transform-proto-to-assign

npm

MAL-0000-phantomraven-transform-proto-to-assign

Malicious npm package: transform-proto-to-assign (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

add-react-displayname

npm

MAL-0000-phantomraven-add-react-displayname

Malicious npm package: add-react-displayname (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

yoshi-base

npm

MAL-0000-phantomraven-yoshi-base

Malicious npm package: yoshi-base (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

typescript-rtk-query

npm

MAL-0000-phantomraven-typescript-rtk-query

Malicious npm package: typescript-rtk-query (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

import-zod

npm

MAL-0000-phantomraven-import-zod

Malicious npm package: import-zod (PhantomRaven campaign, Wave 4)

Malware
Mar 2026

transform-es2015-duplicate-keys

npm

MAL-0000-phantomraven-transform-es2015-duplicate-keys

Malicious npm package: transform-es2015-duplicate-keys (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

syntax-function-bind

npm

MAL-0000-phantomraven-syntax-function-bind

Malicious npm package: syntax-function-bind (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

syntax-do-expressions

npm

MAL-0000-phantomraven-syntax-do-expressions

Malicious npm package: syntax-do-expressions (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

transform-inline-consecutive-adds

npm

MAL-0000-phantomraven-transform-inline-consecutive-adds

Malicious npm package: transform-inline-consecutive-adds (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

react-you-might-not-need-an-effect

npm

MAL-0000-phantomraven-react-you-might-not-need-an-effect

Malicious npm package: react-you-might-not-need-an-effect (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

import-newlines

npm

MAL-0000-phantomraven-import-newlines

Malicious npm package: import-newlines (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

es6-recommended

npm

MAL-0000-phantomraven-es6-recommended

Malicious npm package: es6-recommended (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

syntax-decorators

npm

MAL-0000-phantomraven-syntax-decorators

Malicious npm package: syntax-decorators (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

pymnemonic

PyPI

MAL-2026-1438

Malicious code in pymnemonic (PyPI)

Malware
Mar 2026

do-not-install-this-package-004

PyPI

MAL-2026-1436

Malicious code in do-not-install-this-package-004 (PyPI)

Malware
Mar 2026

flowpeek

PyPI

MAL-2026-1437

Malicious code in flowpeek (PyPI)

Malware
Mar 2026

kvstore-pb2-grpc

PyPI

MAL-2026-1433

Malicious code in kvstore-pb2-grpc (PyPI)

Typosquat
Mar 2026

dgl-cu117

PyPI

MAL-2026-1432

Malicious code in dgl-cu117 (PyPI)

Typosquat
Mar 2026

python-anchor

PyPI

MAL-2026-1435

Malicious code in python-anchor (PyPI)

Typosquat
Mar 2026

my-super-lib

PyPI

MAL-2026-1434

Malicious code in my-super-lib (PyPI)

Typosquat
Mar 2026
Showing 5185 - 5208 of 228,624
PreviousNext
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001