Supply Chain Incidents

MAL-2026-5337

Malicious code in solana-web3 (PyPI)

spl-token-py

MAL-2026-5339

Malicious code in spl-token-py (PyPI)

xfoobar

MAL-2026-5335

Malicious code in xfoobar (PyPI)

spaysrbx

MAL-2026-5334

Malicious code in spaysrbx (PyPI)

nerfstudio-gs

MAL-2026-5333

Malicious code in nerfstudio-gs (PyPI)

bittensor-burn

MAL-2026-5331

Malicious code in bittensor-burn (PyPI)

xforpy

MAL-2026-5332

Malicious code in xforpy (PyPI)

odoo-addon-spp-base

MAL-2026-5367

Malicious code in odoo-addon-spp-base (PyPI)

bittensor-burn-alert

MAL-2026-5330

Malicious code in bittensor-burn-alert (PyPI)

@zimmo/last_search

MAL-2026-5328

Malicious code in @zimmo/last_search (npm)

@listings/energy-labels

MAL-2026-5327

Malicious code in @listings/energy-labels (npm)

spaysdatarbx

MAL-2026-5329

Malicious code in spaysdatarbx (PyPI)

quickwinston

MAL-2026-5365

Malicious code in quickwinston (npm)

bt-burn-watch

MAL-2026-5312

Malicious code in bt-burn-watch (PyPI)

bittensor-burn-monitor

MAL-2026-5311

Malicious code in bittensor-burn-monitor (PyPI)

openai-mcp

MAL-2026-5320

Malicious code in openai-mcp (PyPI)

tiktoken-mcp

MAL-2026-5326

Malicious code in tiktoken-mcp (PyPI)

classwind-utils

MAL-2026-5307

Malicious code in classwind-utils (npm)

nodemon-lint

MAL-2026-5309

Malicious code in nodemon-lint (npm)

regexp-ts

MAL-2026-5310

Malicious code in regexp-ts (npm)

chai-mocks

MAL-2026-5306

Malicious code in chai-mocks (npm)

nodemon-copack

MAL-2026-5308

Malicious code in nodemon-copack (npm)

tlask

MAL-2026-5305

Malicious code in tlask (PyPI)

rlask

MAL-2026-5303

Malicious code in rlask (PyPI)