Malicious Package Supply Chain Tracker Scraper avatar

Malicious Package Supply Chain Tracker Scraper

Pricing

Pay per event

Go to Apify Store
Malicious Package Supply Chain Tracker Scraper

Malicious Package Supply Chain Tracker Scraper

Cross-ecosystem feed of confirmed malicious/typosquatted packages across npm, PyPI, crates.io, Go, Maven, NuGet, Packagist and RubyGems, sourced from the OSSF malicious-packages dataset (also feeds OSV.dev). Category taxonomy plus typosquat-target linkage for CI gating. Passive read only.

Pricing

Pay per event

Rating

0.0

(0)

Developer

BowTiedRaccoon

BowTiedRaccoon

Maintained by Community

Actor stats

0

Bookmarked

2

Total users

1

Monthly active users

4 days ago

Last modified

Share

Track confirmed malicious and typosquatted packages from the OSSF malicious-packages dataset, the canonical upstream that also feeds OSV.dev's MAL-* advisories. Returns normalized records across npm, PyPI, crates.io, Go, Maven, NuGet, Packagist, and RubyGems — over 230,000 confirmed-malicious advisories, growing daily.


Malicious Package Supply Chain Tracker Scraper Features

  • Unions confirmed malicious/typosquatted package advisories across 8 ecosystems into one schema
  • Classifies each record into a category taxonomy — malware, typosquat, dependency confusion, protestware, compromised — instead of leaving you to parse free-text summaries
  • Extracts the legitimate package name a malicious one imitates, when the advisory text states it
  • Pure HTTP data read — no browser, no proxy, no anti-bot dance
  • Round-robins across whichever ecosystems you select, so a small maxItems still samples every ecosystem you asked for instead of exhausting npm alone (npm outnumbers every other ecosystem combined)
  • Ships a delta mode that returns only advisories new since your last run, for continuous CI-gating feeds
  • Never downloads, installs, or executes any package artifact — reads published advisory metadata only

Who Uses Malicious Package Data?

  • AppSec engineers — gate CI pipelines against confirmed-malicious packages before they land in a lockfile
  • SCA tool builders — enrich existing vulnerability feeds with a cross-ecosystem malicious-package layer most single-ecosystem tools skip
  • Security researchers — track typosquat campaigns and dependency-confusion waves across npm and PyPI without stitching together five different feeds
  • Platform teams — feed a denylist into an internal package proxy or registry mirror
  • Threat intel analysts — monitor the daily delta for new campaign activity, or at least know when someone starts squatting on your package name

How It Works

  1. Pick the ecosystems you care about (npm and PyPI by default) and a maxItems cap.
  2. The scraper reads the OSSF malicious-packages dataset and normalizes each advisory — package name, category, affected versions, references — into one consistent schema.
  3. Records come back round-robin across your selected ecosystems, so a 20-item run with ["npm", "pypi", "rubygems"] gives you a mix of all three, not 20 npm rows.
  4. Switch to mode: "delta" on a scheduled run and get only the advisories added since the last delta run — the actor remembers what it already sent you.

Input

{
"ecosystems": ["npm", "pypi"],
"mode": "full",
"maxItems": 100
}
FieldTypeDefaultDescription
ecosystemsarray["npm", "pypi"]Ecosystems to include: npm, pypi, crates.io, go, maven, nuget, packagist, rubygems
modestringfullfull returns the matching corpus each run. delta returns only advisories new since your last delta run on this actor
maxItemsinteger100Maximum number of records to return

Delta mode example

{
"ecosystems": ["npm", "pypi", "rubygems"],
"mode": "delta",
"maxItems": 500
}

Run this on a schedule and each run only returns advisories the actor hasn't handed you before. First run behaves like full mode since nothing has been seen yet.


Malicious Package Supply Chain Tracker Scraper Output Fields

{
"package_name": "acloud-client",
"ecosystem": "PyPI",
"malicious_id": "MAL-2025-2929",
"category": "malware",
"typosquat_of": null,
"affected_versions": ["1.0.0", "1.0.1"],
"summary": "Malicious code in acloud-client (PyPI)",
"details": "Clones of the legit aliyun-python-sdk-core package that exfiltrate cloud credentials...",
"published": "2025-02-25T18:18:21Z",
"modified": "2026-03-19T12:23:25Z",
"source_dataset": "ossf",
"references": ["https://security.snyk.io/vuln/SNYK-PYTHON-ACLOUDCLIENT-12201342"],
"severity": null,
"withdrawn": false,
"scraped_at": "2026-07-13T09:49:11.135Z"
}
FieldTypeDescription
package_namestringName of the affected package as published to the ecosystem registry
ecosystemstringnpm, PyPI, crates.io, Go, Maven, NuGet, Packagist, or RubyGems
malicious_idstringOSV/OSSF advisory id (e.g. MAL-2024-1677)
categorystringmalware, typosquat, dependency_confusion, protestware, compromised, or pentest
typosquat_ofstring | nullLegitimate package name this one appears to imitate, when the advisory text says so — never guessed
affected_versionsarrayAffected version strings
summarystringOne-line advisory summary
detailsstringFull advisory details / analyst notes
publishedstringISO 8601 timestamp the advisory was first published
modifiedstringISO 8601 timestamp the advisory was last modified
source_datasetstringOrigin dataset tag — currently always ossf
referencesarrayReference URLs and finder credit links
severitystring | nullSeverity if present in the source advisory — most malicious-package records don't carry a CVSS score, so this is usually null
withdrawnbooleantrue if the advisory carries a withdrawn timestamp (retracted)
scraped_atstringISO 8601 timestamp this actor run captured the record

FAQ

How do I scrape confirmed malicious npm and PyPI packages?

Malicious Package Supply Chain Tracker Scraper does it in one input field. Set ecosystems: ["npm", "pypi"], pick a maxItems, and run — you get normalized records with category classification and typosquat linkage, not raw advisory JSON you have to parse yourself.

How much does Malicious Package Supply Chain Tracker Scraper cost to run?

Standard per-record PPE pricing — you pay for records returned, not for the dataset download underneath. There's no proxy or browser cost baked in, since this is a plain HTTP read.

What data can I get on malicious packages?

Package name, ecosystem, advisory id, category (malware, typosquat, dependency confusion, protestware, compromised), affected versions, references, and — when the advisory text states it — the legitimate package a malicious one is impersonating.

Can I filter by ecosystem?

Yes. The ecosystems array accepts any combination of npm, PyPI, crates.io, Go, Maven, NuGet, Packagist, and RubyGems. Results round-robin across whatever you select.

Does Malicious Package Supply Chain Tracker Scraper need proxies?

No. It reads a publicly published dataset over plain HTTPS. No proxy, no browser, no anti-bot handling required.

Will this actor download or run any malicious package?

No. It reads advisory metadata only — package names, versions, summaries, references. It never fetches, installs, or executes a package artifact from any registry.


Need More Features?

Need additional ecosystems, a different category taxonomy, or campaign-level grouping? File an issue or get in touch.

Why Use Malicious Package Supply Chain Tracker Scraper?

  • Cross-ecosystem — one schema across 8 package registries, where most competitors cover a single ecosystem or generic advisories
  • Classified, not raw — category taxonomy and typosquat-target linkage extracted for you, so you're not regex-ing advisory text at 2am
  • Built for CI — delta mode returns only what's new since your last run, which is the shape a gating pipeline actually wants