Supply Chain Incidents

Malicious packages, backdoors, typosquats, and dependency confusion attacks

228,766
Total Incidents

victim-package-b

npm

MAL-2026-400

Malicious code in victim-package-b (npm)

Malware
Jan 2026

victim-package-c

npm

MAL-2026-401

Malicious code in victim-package-c (npm)

Malware
Jan 2026

potdf

npm

MAL-2026-377

Malicious code in potdf (npm)

Malware
Jan 2026

coolpackage2323

PyPI

MAL-2026-376

Malicious code in coolpackage2323 (PyPI)

Malware
Jan 2026

spellcheckerpy

PyPI

MAL-2026-375

Malicious code in spellcheckerpy (PyPI)

Malware
Jan 2026

github.com/esm-dev/esm.sh

Go

GHSA-2657-3c98-63jq

esm.sh has a path traversal in extractPackageTarball enables file writes from malicious packages

Malware
1 CVE
Jan 2026

mised-discordjs-selfbot-v14

npm

MAL-2026-374

Malicious code in mised-discordjs-selfbot-v14 (npm)

Malware
Jan 2026

theme-neutral

npm

MAL-2026-371

Malicious code in theme-neutral (npm)

Malware
Jan 2026

sezzle

npm

MAL-2026-370

Malicious code in sezzle (npm)

Malware
Jan 2026

webmd-debug

npm

MAL-2026-373

Malicious code in webmd-debug (npm)

Malware
Jan 2026

mw-proto-models

npm

MAL-2026-368

Malicious code in mw-proto-models (npm)

Malware
Jan 2026

mw-shared-utils

npm

MAL-2026-369

Malicious code in mw-shared-utils (npm)

Malware
Jan 2026

webmd-cookie

npm

MAL-2026-372

Malicious code in webmd-cookie (npm)

Malware
Jan 2026

dreame-claude

npm

MAL-2026-359

Malicious code in dreame-claude (npm)

Malware
Jan 2026

pl-global-ec-uikit

npm

MAL-2026-363

Malicious code in pl-global-ec-uikit (npm)

Malware
Jan 2026

uq-global-ec-uikit

npm

MAL-2026-367

Malicious code in uq-global-ec-uikit (npm)

Malware
Jan 2026

shared-global-ec-uikit

npm

MAL-2026-364

Malicious code in shared-global-ec-uikit (npm)

Malware
Jan 2026

gu-global-ec-uikit

npm

MAL-2026-361

Malicious code in gu-global-ec-uikit (npm)

Malware
Jan 2026

excel-to-json-test

npm

MAL-2026-360

Malicious code in excel-to-json-test (npm)

Malware
Jan 2026

telia-eventapi-client

npm

MAL-2026-365

Malicious code in telia-eventapi-client (npm)

Malware
Jan 2026

testing-package-bose

npm

MAL-2026-366

Malicious code in testing-package-bose (npm)

Malware
Jan 2026

chai-bin

npm

MAL-2026-357

Malicious code in chai-bin (npm)

Malware
Jan 2026

health-check-node

npm

MAL-2026-362

Malicious code in health-check-node (npm)

Malware
Jan 2026

dot-env-buffer

npm

MAL-2026-358

Malicious code in dot-env-buffer (npm)

Malware
Jan 2026
Showing 6409 - 6432 of 228,766
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001