PkgRadar

For platform & security teams

Block malicious npm, PyPI, RubyGems, Cargo, Maven, NuGet, Composer, Go & Pub releases before they reach your CI.

PkgRadar inspects every fresh npm, PyPI, RubyGems, Cargo, Maven, NuGet, Composer, Go, and Pub release, correlates suspicious behavior into campaign candidates, and gates your builds via API — before a compromised dependency reaches your pipeline.

26,330 malicious & compromised packages flagged · 1,623,088 scanned across 9 ecosystems — and counting.

npm · PyPI · RubyGems · Cargo · Maven · NuGet · Composer
162 candidates · 26,330 high risk · 65,628 findings
9 ecosystems · Pre-merge CI gate · Free tier, no card

Coverage by ecosystem

The same gate, nine registries. Per-ecosystem detail →

Candidate cluster queue

162 candidates

Candidate | Status | Evidence | Affected | Top signal | Last seen
Repeated static TTP: py_runtime_base64_decode (base64/hex decode combined with exec/subprocess; classic obfuscated payload pattern) | Unconfirmed | 99% strength | 3,163 releases | Repeated static TTP | Current corpus
Repeated static TTP: py_import_time_network_call (network call via urllib/requests/httpx/http.client at install or import time) | Unconfirmed | 99% strength | 1,330 releases | Repeated static TTP | Current corpus
Repeated static TTP: webhook_exfil_endpoint (matched "ngrok-free.app") | Unconfirmed | 99% strength | 1,079 releases | Repeated static TTP | Current corpus
Repeated static TTP: py_runtime_dynamic_dangerous_import (dynamic __import__('os'); reflection bypass for static checks) | Unconfirmed | 99% strength | 1,067 releases | Repeated static TTP | Current corpus
Repeated static TTP: webhook_exfil_endpoint (matched "api.telegram.org/bot") | Unconfirmed | 99% strength | 749 releases | Repeated static TTP | Current corpus
View all candidates

High-signal release queue

1 release

Package | Verdict | Score | Why flagged | Action
| Review | 7 | Static evidence review | Review release evidence

Detection model

From registry update to build decision

Research notes
1. Registry feed: fresh package updates
2. Static unpack: no install or execution
3. Manifest diff: behavior changes
4. TTP extraction: credential and CI signals
5. Candidate correlation: shared evidence
6. CI decision: block or monitor

API verdict

Low risk
{
  "package": "[email protected]",
  "verdict": "low",
  "score": 0,
  "mode": "static",
  "decision": "review"
}
CI gate: curl -X POST /gate/npm -H 'Authorization: Bearer $PKGRADAR_TOKEN'
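The pipeline above (static unpack, TTP extraction, CI decision) and the verdict JSON above, worked through as an added example that is not PkgRadar's code: a small static extractor parses every file of a package with Python's ast module, never importing or running it, raises the four signal types listed in the candidate queue, and folds them into a verdict in the shape of the API response. The sample package, the per-signal weights, the score thresholds, the verdict-to-decision mapping, the py_unparseable_source signal and the function names extract_ttps and gate are all assumptions made for the illustration.

```python
"""Static TTP extraction over a Python package's sources (added example, not
PkgRadar's code). Signal names follow the candidate queue above; weights,
thresholds and the verdict-to-decision mapping are assumptions. Sources are
only parsed with `ast`, never installed, imported or executed."""
import ast
import json

# Constructed sample package: file names and contents are made up for the example.
SAMPLE_PACKAGE = {
    "setup.py": (
        "import base64, subprocess\n"
        "subprocess.Popen(base64.b64decode('ZWNobyBoaQ==').decode())\n"
    ),
    "pkg/__init__.py": (
        "import urllib.request\n"
        "BEACON = urllib.request.urlopen('https://x.ngrok-free.app/c').read()\n"
        "os = __import__('os')\n"
        "def helper():\n"
        "    return 1\n"
    ),
}

NETWORK_MODULES = {"urllib", "requests", "httpx", "http"}
EXFIL_PATTERNS = ("ngrok-free.app", "api.telegram.org/bot")
DECODE_FUNCS = {"b64decode", "b16decode", "b32decode", "fromhex", "unhexlify"}
EXEC_NAMES = {"exec", "eval", "os.system", "os.popen"}
DANGEROUS_DYNAMIC = {"os", "subprocess", "ctypes"}
WEIGHTS = {  # assumed per-signal weights; each signal is counted once per package
    "py_runtime_base64_decode": 4,
    "webhook_exfil_endpoint": 3,
    "py_import_time_network_call": 2,
    "py_runtime_dynamic_dangerous_import": 2,
}

def _dotted(node):
    """Render a Name/Attribute chain such as urllib.request.urlopen as a string."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None  # call on a call result, subscript, lambda, ...

def _finding(signal, path, node, detail):
    return {"signal": signal, "path": path, "line": node.lineno, "detail": detail}

def extract_ttps(path, source):
    """Return the static TTP findings for one source file."""
    try:
        tree = ast.parse(source, filename=path)
    except SyntaxError as exc:  # cannot be cleared statically, so surface it (assumed signal name)
        return [{"signal": "py_unparseable_source", "path": path, "line": exc.lineno or 0,
                 "detail": str(exc)}]
    findings, decode_calls, exec_calls = [], [], []
    for node in ast.walk(tree):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            for pat in EXFIL_PATTERNS:
                if pat in node.value:
                    findings.append(_finding("webhook_exfil_endpoint", path, node, f'matched "{pat}"'))
        if not isinstance(node, ast.Call):
            continue
        name = _dotted(node.func) or ""
        if name.rpartition(".")[2] in DECODE_FUNCS:
            decode_calls.append(node)
        if name in EXEC_NAMES or name.startswith("subprocess."):
            exec_calls.append(node)
        arg = node.args[0] if node.args else None
        if name == "__import__" and isinstance(arg, ast.Constant) and arg.value in DANGEROUS_DYNAMIC:
            findings.append(_finding("py_runtime_dynamic_dangerous_import", path, node,
                                     f"dynamic __import__({arg.value!r}); reflection bypass for static checks"))
    if decode_calls and exec_calls:  # decode alone is benign; decode feeding exec is the TTP
        findings.append(_finding("py_runtime_base64_decode", path, decode_calls[0],
                                 "base64/hex decode combined with exec/subprocess"))
    # Import time means module scope: def/class bodies run only when something calls them.
    for stmt in tree.body:
        if isinstance(stmt, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef)):
            continue
        for node in ast.walk(stmt):
            if isinstance(node, ast.Call):
                name = _dotted(node.func) or ""
                if name.split(".")[0] in NETWORK_MODULES:
                    findings.append(_finding("py_import_time_network_call", path, node,
                                             f"{name}() at install or import time"))
    return findings

def gate(package, files):
    """Build a verdict in the shape of the API response above (assumed thresholds)."""
    findings = [f for path, src in sorted(files.items()) for f in extract_ttps(path, src)]
    score = sum(WEIGHTS.get(sig, 1) for sig in {f["signal"] for f in findings})
    verdict = "high" if score >= 7 else "medium" if score >= 3 else "low"
    decision = {"high": "block", "medium": "monitor", "low": "review"}[verdict]
    return {"package": package, "verdict": verdict, "score": score,
            "mode": "static", "decision": decision, "findings": findings}

if __name__ == "__main__":
    print(json.dumps(gate("example-pkg@0.0.1", SAMPLE_PACKAGE), indent=2))
```

Two design points worth noting. Each signal contributes to the score once per package, so a hundred copies of the same decode-and-exec pattern do not outscore one package that combines four different techniques. And a network call inside a function body is deliberately not an import-time finding, because it only fires if something calls that function; the page's signal is specifically about code that runs on install or import. The dotted-name matching is easy to evade (getattr(__import__('base64'), 'b64decode') never produces the name the rule looks for), which is why a single static rule is evidence to correlate rather than a verdict on its own.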

Real attacks

Built to catch the supply-chain attacks teams actually face.

Shai-Hulud worm. tj-actions/changed-files takeover. ua-parser-js postinstall miner. event-stream / flatmap-stream. colors.js + faker.js sabotage. polyfill.io takeover. @solana/web3.js key exfiltration. We map each one to the static indicators PkgRadar already hunts.

See the full list

Audit-ready evidence

Maps to SOC 2, NIST SSDF, ISO 27001, EU CRA.

Every static finding, gate decision, and campaign record is an artefact your auditor can sample. The /trust page enumerates the exact controls PkgRadar evidences — CC7 monitoring, CC8 change management, NIST SSDF PW.4 dependency verification, ISO 27001 A.5.21 supply chain, EU CRA Article 13 due diligence.

Read the trust mapping

  • SOC 2: CC7 monitoring · CC8 change mgmt · CC9 vendor risk
  • NIST SSDF v1.1: PW.4 dependency review · PW.7 analysis · RV.1
  • ISO 27001:2022: A.5.21 supply chain · A.8.28 secure coding
  • EU CRA: Annex I §1+§2 · Article 13 due diligence