Supply-chain attacks we’ve detected
Popular npm packages whose release stream was tampered with — either a version OSV confirmed as malicious code, or a version our own analysis flagged as a likely account takeover before any public advisory. None of these versions were ever served from this registry; where the package still has clean releases, those keep flowing.
Confirmed malicious releases
Versions that OSV’s malicious-packages dataset confirms contained malicious code. We blocked these the moment the advisory landed, or earlier, with OSV later confirming the finding.
MAL-2023-462 Malicious code in fsevents (npm)
Native Access to MacOS FSEvents
MAL-2025-21003 Malicious code in fs (npm)
This package name is not currently in use, but was formerly occupied by another package. To avoid malicious use, npm is hanging on to the package name, but loosely, and we'll probably give it to you if you want it.
MAL-2026-3020 Malicious code in @bitwarden/cli (npm)
A secure and free password manager for all of your devices.
MAL-2026-3288 Malicious code in common-tg-service (npm)
Common Telegram service for NestJS applications
MAL-2026-3077 Malicious code in axis-charts (npm)
Internal automation library.
MAL-2026-3078 Malicious code in axis-notification (npm)
Internal automation library.
MAL-2026-3079 Malicious code in axis-ui-generator (npm)
Internal automation library.
MAL-2026-3059 Malicious code in @clearpool/utils (npm)
Internal automation library.
MAL-2026-3069 Malicious code in @tochka-ui/foundation (npm)
gigaid utilities
MAL-2026-3068 Malicious code in @sbt_gitverse/analytics-client (npm)
analytics-client utilities
MAL-2026-3304 Malicious code in apcyber-test-package (npm)
Internal automation library.
MAL-2026-3075 Malicious code in axis-abc-search-account (npm)
Internal automation library.
MAL-2026-3074 Malicious code in axis-abc-portal-menu (npm)
Internal automation library.
MAL-2026-3076 Malicious code in axis-abc-search-address (npm)
Internal automation library.
MAL-2026-2862 Malicious code in rtms-manager (npm)
Dependency Confusion poc
MAL-2026-3040 Malicious code in apollo-vertex (npm)
MAL-2026-3038 Malicious code in apollo-landing (npm)
MAL-2026-3037 Malicious code in standalone-apps (npm)
MAL-2026-3036 Malicious code in uipath-ui-widgets (npm)
MAL-2026-3039 Malicious code in process-app-task (npm)
MAL-2026-3033 Malicious code in tether-base (npm)
Test package for dependency confusion detection
MAL-2026-3052 Malicious code in @alfa.life.mapp/app.web (npm)
app.web utilities