Supply Chain Incidents

Malicious packages, backdoors, typosquats, and dependency confusion attacks

225,187
Total Incidents
npmPyPIRubyGemsGocrates.ioNuGetPackagist

vtimmmmmm-test

npm

MAL-2026-1449

Malicious code in vtimmmmmm-test (npm)

Malware
Mar 2026

nest-moralis

npm

MAL-2026-1445

Malicious code in nest-moralis (npm)

Malware
Mar 2026

up2-daemon

npm

MAL-2026-1448

Malicious code in up2-daemon (npm)

Malware
Mar 2026

todo-plz

npm

MAL-0000-phantomraven-todo-plz

Malicious npm package: todo-plz (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

transform-jscript

npm

MAL-0000-phantomraven-transform-jscript

Malicious npm package: transform-jscript (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

no-type-assertion

npm

MAL-0000-phantomraven-no-type-assertion

Malicious npm package: no-type-assertion (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

pear-wrk-wdk

npm

MAL-0000-phantomraven-pear-wrk-wdk

Malicious npm package: pear-wrk-wdk (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

transform-for-of

npm

MAL-0000-phantomraven-transform-for-of

Malicious npm package: transform-for-of (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

transform-minify-booleans

npm

MAL-0000-phantomraven-transform-minify-booleans

Malicious npm package: transform-minify-booleans (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

urql-introspection

npm

MAL-0000-phantomraven-urql-introspection

Malicious npm package: urql-introspection (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

transform-dynamic-import

npm

MAL-0000-phantomraven-transform-dynamic-import

Malicious npm package: transform-dynamic-import (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

clean-order

npm

MAL-0000-phantomraven-clean-order

Malicious npm package: clean-order (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

transform-dev

npm

MAL-0000-phantomraven-transform-dev

Malicious npm package: transform-dev (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

typescript-vue-apollo-smart-ops

npm

MAL-0000-phantomraven-typescript-vue-apollo-smart-ops

Malicious npm package: typescript-vue-apollo-smart-ops (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

@storylane/shared-packages

npm

MAL-0000-phantomraven-_storylane_shared-packages

Malicious npm package: @storylane/shared-packages (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

@storylane/uikit

npm

MAL-0000-phantomraven-_storylane_uikit

Malicious npm package: @storylane/uikit (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

typescript-react-query

npm

MAL-0000-phantomraven-typescript-react-query

Malicious npm package: typescript-react-query (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

typescript-urql

npm

MAL-0000-phantomraven-typescript-urql

Malicious npm package: typescript-urql (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

transform-charcodes

npm

MAL-0000-phantomraven-transform-charcodes

Malicious npm package: transform-charcodes (PhantomRaven campaign, Wave 3)

Malware
Mar 2026

better-styled-components

npm

MAL-0000-phantomraven-better-styled-components

Malicious npm package: better-styled-components (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

mui-path-imports

npm

MAL-0000-phantomraven-mui-path-imports

Malicious npm package: mui-path-imports (PhantomRaven campaign, Wave 4)

Malware
Mar 2026

styled-components-a11y

npm

MAL-0000-phantomraven-styled-components-a11y

Malicious npm package: styled-components-a11y (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

vitest-globals

npm

MAL-0000-phantomraven-vitest-globals

Malicious npm package: vitest-globals (PhantomRaven campaign, Wave 2)

Malware
Mar 2026

transform-es2015-spread

npm

MAL-0000-phantomraven-transform-es2015-spread

Malicious npm package: transform-es2015-spread (PhantomRaven campaign, Wave 3)

Malware
Mar 2026
Showing 1681 - 1704 of 225,187
PreviousNext
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001