worm-sign

A security scanner that detects npm packages compromised by supply chain attacks, including the TanStack wave 4 attack (May 2026), the Axios attack (March 2026), and Shai-Hulud malware.

Version 4.2.0 License MIT

Keywords

securityscannermalwareshai-huludwormvulnerabilitiesnpmyarnpnpmsupply-chaindevsecopsauditlockfileintegrityanalysis

INSTALL

Version:

Learn more

Readme

Files

Statistics Browse CDN

Statistics

Requests 0

Bandwidth 0

Top version - 0

Files are loading...

Selected files

No files selected. Select the files you want to use using the switches on the left.