Every malicious package we've ever found. Searchable. Real-time.
O3's Malware Database is a continuously updated threat intelligence feed of malicious packages, typosquats, compromised maintainers, and indicators of compromise. Search it, integrate it, or let O3 check your stack against it automatically.
Every malicious package we've found. Searchable. Updated in real time.
O3's database is a continuously updated threat intelligence feed of malicious packages, typosquats, compromised maintainers, and indicators of compromise — ingested from every major registry before disclosure.
One character off can cost everything. We catch it before it enters your lockfile.
O3 maintains a phonetic and edit-distance similarity index against every popular package. Typosquats are detected before they appear in your lockfile — including transitive dependency confusion attacks.
C2 IPs. Exfiltration domains. YARA rules. Straight to your SIEM.
Indicators of compromise extracted from malicious packages — C2 IPs, exfiltration domains, payload hashes — are available as a structured feed for SIEM integration, firewall rule generation, and threat hunting.
Your manifest vs 50,000+ malicious packages. Checked continuously. Alerted instantly.
O3 continuously cross-references your project's dependency manifests against the malware database. When a new malicious package entry matches your stack, you get an immediate alert — no manual query required.
Threat intelligence that stays ahead of attackers.
Access O3's continuously updated malware database and stop threats before they reach your pipeline.