CuteBoi is a software supply chain threat actor which has published over 550 malicious packages. As Checkmarx uncovered, this attacker has demonstrated new techniques that power him with automated NPM account creation.

This open-source project tracks CuteBoi‘s activity over time as there are evidence the actor is still active. All information provided here is intended for research purposes.


Sample files

The original package evidence sample files as they were originally published to NPM included with related metadata are available in the ./samples directory. Make sure to read the file before usage.


View Github