Malicious Package Affecting ratelimitsucks2 package, versions *
Threat Intelligence
Snyk has reported that there have been attempts or successful attacks targeting this vulnerability.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-JS-RATELIMITSUCKS2-17122672
- published2 Jun 2026
- disclosed1 Jun 2026
Introduced: 1 Jun 2026
New Malicious CVE NOT AVAILABLE CWE-506 (opens in a new tab)How to fix?
Avoid using all malicious instances of the ratelimitsucks2 package.
Overview
ratelimitsucks2 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising revenue through third-party ads and tracking scripts. It was published by the terminal3airport account, and its publication appears to be part of a broader spam and registry-abuse operation involving numerous similar packages.