Every few days, another batch of packages gets popped. A maintainer token leaks, an account gets phished, a typosquat slips into a registry, and suddenly there's malicious code published under a name your developers trust. The questions come in fast: what got compromised, what does it do, and the only one that actually matters to you: are we running it?
Answering that by hand is a slog. You read the advisory, cross-reference the package list, check three registries, then go spelunking through your repos to see if any of it is in your dependency tree. By the time you're done, the next batch has dropped.
Here's the same workflow in Mallory, end to end: from an overnight supply chain compromise to a scheduled audit of your GitHub org that emails you the answer every morning.
It starts as a story
When a supply chain compromise breaks, Mallory rolls the chatter into a single story. In this case, 31 packages published under Red Hat Cloud Services, flagged as a credential harvester. You get the details in one view: what was published, what the code does, a timeline of where it was first reported, and every source talking about it.


That's the part you'd normally assemble yourself, tab by tab. Mallory clusters it so you don't have to. Pop into chat from the story and the full context comes with you, ready to reason on.
A live stream of compromised packages
Stories are the situational picture. But for supply chain specifically, you want the firehose filtered down to one thing: what got compromised, right now.
That's the compromised packages stream. Everything flagged in the last 24 hours, newest first, with the Red Hat Cloud Services packages sitting at the top. Open any package and you get the evidence that it's compromised and where that evidence came from, traced back to the original sources. No guessing about why something landed on the list.


Ask, and it pulls from its own API
The stream is in the product, but you don't have to click through it. Ask in chat:
"Give me a list of the compromised packages in the last 24 hours."
Mallory pulls that directly from its own API and hands you the list. Same data, conversational access. Useful on its own, but it's the setup for the part that matters.

"Am I running any of these?"
This is where intelligence becomes action:
"Take this list of compromised packages and check my GitHub for them. I'd like to know if I'm running any of these. Go ahead and run an audit."
With GitHub connected, Mallory runs the audit itself. It loads the skills it needs, works through an investigation playbook (how to scope the search, what to look for, how to confirm a match), and checks your repos against the compromised list. GitHub is top of mind for most teams here, and the same approach extends across other connected services.

In the demo, the answer came back clean: no matches. That's the answer you actually wanted, in the time it took to ask the question, instead of an afternoon of manual cross-referencing.
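The audit step described above (take the compromised list, cross-reference it against the dependency trees in your repos) as an added Python example; this is not Mallory's code, and the page does not show its API schema, so the feed record shape (ecosystem, name, versions) and every package name and version below are constructed assumptions. It scans npm lockfiles with transitive dependencies included (where most exposure hides), parses pip requirements, normalizes PyPI names per PEP 503 so `Example_Creds.Helper` still matches `example-creds-helper`, and separates an exact version hit from a name-only hit that needs manual confirmation.

```python
"""Cross-reference a compromised-package list against dependency manifests.

Added example, not Mallory's own code. The feed record shape {ecosystem, name,
versions} is an assumption (the page does not show Mallory's API schema), and
every package name and version here is constructed for the demo.
"""
import json
import re

# Constructed feed entries. An empty "versions" list means every version is flagged.
COMPROMISED = [
    {"ecosystem": "npm", "name": "example-cloud-sdk", "versions": ["2.4.1", "2.4.2"]},
    {"ecosystem": "npm", "name": "example-login-widget", "versions": []},
    {"ecosystem": "pypi", "name": "example-creds-helper", "versions": ["0.9.0"]},
]


def normalize(ecosystem, name):
    """PyPI names are case-insensitive with -, _ and . interchangeable (PEP 503)."""
    if ecosystem == "pypi":
        return re.sub(r"[-_.]+", "-", name).lower()
    return name  # npm package names are lowercase by registry rule


def index_compromised(entries):
    """Map (ecosystem, normalized name) -> set of flagged versions."""
    return {(e["ecosystem"], normalize(e["ecosystem"], e["name"])): set(e["versions"])
            for e in entries}


def npm_lock_packages(text):
    """Yield (name, version) for every package in a package-lock.json, transitive included."""
    lock = json.loads(text)
    if "packages" in lock:  # lockfile v2/v3: flat map keyed by install path
        for path, meta in lock["packages"].items():
            if path:  # "" is the root project itself
                yield path.split("node_modules/")[-1], meta.get("version", "")
    else:  # lockfile v1: nested "dependencies" trees
        stack = [lock.get("dependencies", {})]
        while stack:
            for name, meta in stack.pop().items():
                yield name, meta.get("version", "")
                stack.append(meta.get("dependencies", {}))


REQ_LINE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(?:==\s*([^\s;]+))?")


def pip_requirements(text):
    """Yield (name, pinned version or '') from requirements.txt, skipping comments/options."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue
        m = REQ_LINE.match(line)
        if m:
            yield m.group(1), m.group(2) or ""


def find_matches(index, ecosystem, packages):
    """Return (ecosystem, name, version, verdict) for each dependency on the flagged list."""
    hits = []
    for name, version in packages:
        flagged = index.get((ecosystem, normalize(ecosystem, name)))
        if flagged is None:
            continue
        if not flagged:
            verdict = "all versions flagged"
        elif version in flagged:
            verdict = "flagged version installed"
        else:
            verdict = "name flagged, this version not listed: verify manually"
        hits.append((ecosystem, name, version, verdict))
    return hits


def audit(compromised, manifests):
    """manifests: list of (ecosystem, manifest text). Returns all hits across them."""
    index = index_compromised(compromised)
    parsers = {"npm": npm_lock_packages, "pypi": pip_requirements}
    hits = []
    for ecosystem, text in manifests:
        hits.extend(find_matches(index, ecosystem, parsers[ecosystem](text)))
    return hits


# Constructed manifests standing in for files pulled from a repo.
SAMPLE_LOCK = json.dumps({"lockfileVersion": 3, "packages": {
    "": {"name": "demo-app", "version": "1.0.0"},
    "node_modules/left-pad-ish": {"version": "1.3.0"},
    "node_modules/example-cloud-sdk": {"version": "2.4.1"},
    "node_modules/example-cloud-sdk/node_modules/example-login-widget": {"version": "0.1.0"},
}})
SAMPLE_REQS = """# constructed requirements.txt
requests>=2.31
Example_Creds.Helper==0.9.0   # normalizes to example-creds-helper
some-other-lib[extra]==3.1
-r dev-requirements.txt
"""

if __name__ == "__main__":
    for hit in audit(COMPROMISED, [("npm", SAMPLE_LOCK), ("pypi", SAMPLE_REQS)]):
        print(*hit)
```

Two design choices matter for a check like this. Scan lockfiles rather than `package.json`, because the transitive dependency pulled in three levels down is the one nobody remembers adding. And never collapse the result to a boolean: an exact version match is an incident, while a flagged name at an unlisted version (or an unpinned requirement) is a lead that someone has to confirm against the resolved install, which is why the verdict column carries that distinction through to whatever emails the report.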

Put it on a schedule
A clean result today doesn't help you tomorrow, when the next batch drops. So don't run it once:
"Run this audit every 24 hours. Pull the latest compromised packages, run it at 6am every day, and email me the details."
Mallory turns that into a standing schedule. Every morning at 6, it refreshes the compromised package list, audits your GitHub, and emails you the result. It shows up in your schedules, and you can jump straight back into the thread anytime. The supply chain check moves from a thing you remember to do under pressure to a thing that's already done before you sit down.

Why this works
This isn't a checklist we automated. The story, the compromised stream, the chat, the audit, and the schedule are all sitting on top of the same data model and the same agent. The intelligence that tells you a package is compromised is the same intelligence the agent uses to go check whether you're running it, and the same thing that runs on a schedule while you sleep.
Supply chain compromise isn't slowing down. The work of figuring out whether it's your problem should.
Try Mallory for Free
From overnight compromise to a scheduled audit of your own repos. Supply chain intelligence that checks whether you're affected, automatically.