SAFEDEP THREAT INTELLIGENCE
Threat Intelligence Data Hub
A human-curated feed of indicators, campaigns, and malicious packages, compiled from SafeDep security research. Structured, evidence-backed, and free to browse, copy, and export. No login required.
Need real-time, machine-speed verdicts across every ecosystem? See the Threat Intelligence Feed or book a demo.
321
Indicators
669
Malicious packages
18
Campaigns
33
TTPs
BROWSE BY
Indicators of Compromise →
Domains, IPs, emails, hashes, wallets. Filter, copy, export.
321 indicators
Campaigns →
Named operations tying packages, IOCs and TTPs together.
18 campaigns
Malicious Packages →
By ecosystem and version. "Is this dep bad?" lookups.
669 packages
TTPs →
Attack patterns mapped to MITRE ATT&CK techniques.
33 TTPs
RECENT ACTIVITY
view feed →2026-05-26 package npm/forge-jsxy 2026-05-26 indicator ws://204.10.194.247:9877 2026-05-26 indicator http://204.10.194.247:8765 2026-05-26 indicator [email protected] 2026-05-26 indicator taohunter.ai 2026-05-26 indicator 4938d47fe6216f8f9fee0527bf5112c04c15a9ea62f87869677619aa5400f09f 2026-05-26 indicator 8070daba5d6ca61c357574526d1e0f468ae575a4edf74cc90a8d8b8c78e3aeef 2026-05-26 indicator ~/.config/systemd/user/forge-js-worker.service 2026-05-26 indicator ~/.config/autostart/forge-js-worker.desktop 2026-05-26 indicator ~/Library/LaunchAgents/com.forgejs.worker.plist 2026-05-26 ttp T1195.002 2026-05-26 ttp T1547.001
