Live intelligence
Active supply-chain campaigns
PkgRadar groups suspicious releases by shared payload hosts, repeated indicators, publisher bursts, and version-diff evidence. Static inspection only — no install hooks or package code is executed.
Scanned: 725,556
High risk: 9,199
Active campaigns: 97
Smoking-gun findings: 40,230
Narrow by ecosystem
Open the per-ecosystem detail.
- npm: 4,550 high · 482,169 scanned
- PyPI: 3,010 high · 50,723 scanned
- RubyGems: 27 high · 1,800 scanned
- Cargo: 253 high · 30,658 scanned
- Maven: 0 high · 545 scanned
- NuGet: 0 high · 34,890 scanned
- Composer: 148 high · 4,394 scanned
- Go modules: 1,208 high · 118,229 scanned
- Pub (Dart): 3 high · 2,148 scanned
TTP ledger
Repeated tactics in this corpus
DNS/OAST exfil (critical)
3 records · 219 releases
Package code references DNS resolution or OAST-style infrastructure that can move data out through lookup side effects.
Indicators: burpcollaborator.net, oastify.com, oast.fun
Max score: 270. Block and investigate for exfiltration behavior before allowing the release.
Packaged credential file (critical)
1 record · 271 releases
The published artifact contains a file path that commonly stores credentials or registry tokens.
Indicators: package/.env
Max score: 109. Treat as exposure risk; inspect the package artifact and rotate any matching secrets.
Credential access (high)
1 record · 144 releases
Code references files or environment names commonly used to steal developer, cloud, registry, or CI credentials.
Indicators: .npmrc
Max score: 360. Block in CI until the package maintainer explains why credential material is referenced.
Install-time execution (high)
3 records · 353 releases
The manifest runs code during install, prepare, or postinstall, sometimes hiding failures or invoking interpreters.
Silent install behavior (high)
1 record · 106 releases
The manifest runs code during install, prepare, or postinstall, sometimes hiding failures or invoking interpreters.
Py Runtime Base64 Decode (medium)
1 record · 1,364 releases
Repeated static behavior appeared across multiple package releases.
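The two install-time families above both come down to one check a reviewer can run before a package is allowed into CI: does the manifest run anything during a lifecycle hook, does that command invoke an interpreter, and does it hide its own failures? The following is an added example and is not PkgRadar's scanner; the hook names, the interpreter list, the failure-hiding patterns and the sample package.json are all assumptions constructed for the demonstration, and it only inspects the manifest text (nothing is installed or executed).

```python
import json
import re

# Lifecycle hooks that npm runs automatically around installation (assumed list).
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Executables that indicate the hook hands control to an interpreter (assumed list).
INTERPRETERS = {"node", "python", "python3", "sh", "bash", "zsh",
                "powershell", "pwsh", "perl", "ruby"}
# Shell idioms that make a failing hook look successful (assumed patterns).
FAILURE_HIDING = [
    (r"\|\|\s*true\b", "|| true"),
    (r"\|\|\s*exit\s+0\b", "|| exit 0"),
    (r"2>\s*/dev/null", "stderr discarded"),
    (r"(?<!\d)>\s*/dev/null", "stdout discarded"),
]
URL_RE = re.compile(r"https?://[^\s'\"]+")
# Shell operators that separate one command from the next.
SEGMENT_RE = re.compile(r"&&|\|\||;|\|")

def inspect_manifest(manifest_text):
    """Return one finding per lifecycle hook present in the manifest's scripts."""
    scripts = json.loads(manifest_text).get("scripts") or {}
    findings = []
    for hook in LIFECYCLE_HOOKS:
        cmd = scripts.get(hook)
        if not cmd:
            continue
        interpreters = []
        for segment in SEGMENT_RE.split(cmd):
            tokens = segment.strip().split()
            # First token of each command segment, basename only (e.g. /usr/bin/node -> node).
            if tokens and tokens[0].rsplit("/", 1)[-1] in INTERPRETERS:
                interpreters.append(tokens[0].rsplit("/", 1)[-1])
        hides_failure = [label for pattern, label in FAILURE_HIDING if re.search(pattern, cmd)]
        findings.append({
            "hook": hook,
            "command": cmd,
            "interpreters": interpreters,
            "hides_failure": hides_failure,
            "remote_urls": URL_RE.findall(cmd),
            # Any lifecycle hook is install-time execution; "silent" marks the hidden-failure variant.
            "silent": bool(hides_failure),
        })
    return findings

# Constructed sample manifest: three lifecycle hooks plus a benign test script that must not be flagged.
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "sample-package",
    "version": "1.0.0",
    "scripts": {
        "install": "sh ./configure.sh 2>/dev/null",
        "postinstall": "node scripts/postinstall.js",
        "prepare": "python3 setup_hook.py || true",
        "test": "jest",
    },
})

if __name__ == "__main__":
    for finding in inspect_manifest(SAMPLE_PACKAGE_JSON):
        print(finding)
```

Run on the sample, the install hook is reported with a discarded stderr stream, the postinstall hook as plain interpreter execution, and the prepare hook as a silent install (its failure is masked by `|| true`); the `test` script is ignored because it never runs during installation.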
How to read this feed
Scoring & labels
- Candidate: Grouped by static evidence — not yet a public attribution claim.
- Max score: Highest release score in this group. Each (kind, detail) bucket caps at 50 points; each kind caps at 100. A high-severity finding plus score ≥ 45 is auto-block territory.
- Strength: 0–100 confidence in the grouping, weighted by member count, score, and event volume.
- Confirmed: Cross-referenced against OSV malicious-package advisories. Confirmed matches are pinned to high regardless of other signals.
- Active: Updated by the hunter on the most recent ingest pass.
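The bucket and kind caps explain why a release full of repeated hits does not score without bound, and why the max scores in this feed top out around a few hundred. The following is an added example of that scoring arithmetic, not PkgRadar's code: the kind names, per-hit point weights, severity scale, the "review" label for releases that are neither confirmed nor auto-blocked, and the sample findings are all constructed assumptions; the 50-point bucket cap, the 100-point kind cap, the auto-block rule and the OSV pinning rule are taken from the feed's own description.

```python
from collections import defaultdict
from dataclasses import dataclass

BUCKET_CAP = 50        # each (kind, detail) bucket caps at 50 points (from the feed description)
KIND_CAP = 100         # each kind caps at 100 points (from the feed description)
AUTO_BLOCK_SCORE = 45  # high-severity finding plus score >= 45 is auto-block territory

@dataclass(frozen=True)
class Finding:
    kind: str      # detection family, e.g. "credential_access" (constructed names)
    detail: str    # the matched indicator, e.g. ".npmrc"
    severity: str  # "low" | "medium" | "high" | "critical" (assumed scale)
    points: int    # per-hit weight (assumed; the feed does not publish its weights)

def score_release(findings):
    """Sum points per (kind, detail) bucket, cap each bucket, then cap each kind."""
    buckets = defaultdict(int)
    for f in findings:
        buckets[(f.kind, f.detail)] += f.points
    per_kind = defaultdict(int)
    for (kind, _detail), pts in buckets.items():
        per_kind[kind] += min(pts, BUCKET_CAP)
    per_kind = {kind: min(pts, KIND_CAP) for kind, pts in per_kind.items()}
    # Release score is the sum over capped kinds (assumption about how kinds combine).
    return sum(per_kind.values()), per_kind

def classify(findings, osv_confirmed=False):
    """Apply the auto-block rule and the OSV pin on top of the capped score."""
    total, per_kind = score_release(findings)
    has_high = any(f.severity in ("high", "critical") for f in findings)
    auto_block = has_high and total >= AUTO_BLOCK_SCORE
    # OSV-confirmed malicious packages are pinned to high regardless of other signals.
    label = "high" if (osv_confirmed or auto_block) else "review"
    return {"score": total, "per_kind": per_kind, "auto_block": auto_block, "label": label}

# Constructed sample: 40 repeated .npmrc hits that would otherwise dominate the score,
# three exfil endpoints that together exceed the kind cap, and one install hook.
SAMPLE_FINDINGS = (
    [Finding("credential_access", ".npmrc", "high", 5)] * 40
    + [Finding("credential_access", "package/.env", "critical", 30)]
    + [Finding("exfil_endpoint", "ngrok.app", "high", 60),
       Finding("exfil_endpoint", "api.telegram.org/bot", "high", 60),
       Finding("exfil_endpoint", "oastify.com", "critical", 20)]
    + [Finding("install_exec", "postinstall", "high", 10)]
)

if __name__ == "__main__":
    print(classify(SAMPLE_FINDINGS))
```

On the sample, the 200 raw points of `.npmrc` hits collapse to the 50-point bucket cap (80 for the credential kind with the `.env` hit), the three exfil buckets sum to 120 and are clipped to the 100-point kind cap, and the install hook adds 10, giving a release score of 190 that, combined with high-severity findings, lands in auto-block territory.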
Candidate clusters
Campaigns and clusters spotted by the hunter
Showing the 12 highest-priority campaign records from 50 active records.
Py Install Time Network Call — network call (urllib/requests/httpx/http.client) at install or import time.
  Type: ttp detail · Status: active · 67 members · 360 max score · 90 strength
Publisher burst: Nous Research
  Type: publisher high risk · Status: active · 3 members · 360 max score · 68 strength
Py Import Time Network Call — network call (urllib/requests/httpx/http.client) at install or import time.
  Type: ttp detail · Status: active · 582 members · 360 max score · 90 strength
Py Runtime Base64 Decode — base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.
  Type: ttp detail · Status: active · 1,364 members · 360 max score · 90 strength
Credential file access — matched ".npmrc"
  Type: ttp detail · Status: active · 144 members · 360 max score · 90 strength
Install Lifecycle Remote Or Exec — postinstall="node scripts/postinstall.js"
  Type: ttp detail · Status: active · 295 members · 357 max score · 90 strength
Webhook Exfil Endpoint — matched "ngrok-free.app"
  Type: ttp detail · Status: active · 376 members · 333 max score · 90 strength
Webhook Exfil Endpoint — matched "ngrok.app"
  Type: ttp detail · Status: active · 285 members · 333 max score · 90 strength
Publisher burst: agentai2026
  Type: publisher high risk · Status: active · 5 members · 333 max score · 84 strength
Webhook Exfil Endpoint — matched "api.telegram.org/bot"
  Type: ttp detail · Status: active · 344 members · 333 max score · 90 strength
Js Split Join Obfuscation — array-of-single-tokens joined to form a string — used to obscure module names like require(["n","o","de",":","cr","yp","to"].join("")), defeating static require() analysis.
  Type: ttp detail · Status: active · 37 members · 333 max score · 90 strength
Py Runtime Dynamic Dangerous Import — dynamic __import__('os') — reflection bypass for static checks.
  Type: ttp detail · Status: active · 505 members · 284 max score · 90 strength
High-signal releases
Recent packages with saved static evidence
Showing the 1 highest-scoring flagged release from 12 saved scans (low-risk omitted).