malicious-packages-db

Here are 2 public repositories matching this topic...

triconinfotech / shai-hulud-malicious-packages

Autonomous “Shai-Hulud” engine that ingests malicious NPM package advisories from OSV, tracks versions and metadata, and maintains a continuously updated threat intelligence database.

nodejs npm security automation infosec osv security-tools devsecops threat-intelligence malware-detection github-actions open-source-security supply-chain-security package-security npm-security shai-hulud shai-hulud-detector shai-hulud2-detector malicious-packages-db

Updated Jan 2, 2026
JavaScript

bnreplah / malicious-packages-ossf

Star

A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.

appsec malicious-packages malicious-packages-db

Updated Sep 4, 2025
Go

Improve this page

Add a description, image, and links to the malicious-packages-db topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the malicious-packages-db topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly