Malicious packages, on record.
Track recently blocked npm package versions from LPM Firewall scans and public OSV/GHSA advisories. Open any row for the affected version, evidence summary, verdict source, and current install policy.
Latest malicious packages
Static source inspection confirms unconsented import-time execution of a detached helper that retrieves and evaluates remote payloads. This is concrete malicious behavior, not merely a su...
The inspected source confirms unconsented install-time collection and exfiltration of environment and host metadata to external endpoints. The declared security-research PoC purpose does...
Source inspection confirms package.json lifecycle execution and install-time writes/registration into Trae, Cursor, Claude/MCP-style agent surfaces outside the package namespace. This mat...
Source inspection confirms automatic postinstall writes into consumer .claude agent-control paths, matching the blockable AI-agent control hijack policy. The native pruning and restart no...
Direct source inspection confirms a postinstall lifecycle script that installs package-supplied instructions into multiple home-level AI-agent surfaces by default. Under the supplied inst...
Static inspection confirms concrete protestware in the shipped main bundle, despite otherwise package-aligned checkout API behavior and no install hook. Because the code can intentionally...
Direct source inspection confirms a deceptive package-aligned facade with runtime remote code execution from an attacker-controlled endpoint. Lack of lifecycle hooks reduces install-time...
Static source inspection confirms lifecycle-triggered writes to foreign/broad Claude skill and MCP control surfaces, including home config files and auto-latest MCP registration. Under th...
This is not install-time malware, but the runtime package deliberately creates a remotely reachable AI-agent control path with normal approval/sandbox protections disabled and persistent...
Source inspection confirms server-controlled remote code execution from a non-package-aligned host in a package that misrepresents its purpose. The lack of install-time execution lowers a...