Merge pull request #94 from l3montree-dev/add-reference-malicious-packages

Added malicious packages reference page

Author: Ph4t3

src/pages/reference/vulnerability-database/malicious-packages.mdx

@@ -7,6 +7,23 @@ import {
 } from '@/components/ui/tooltip'
 import PageContentComingSoon from '@/components/PageContentComingSoon'
 
-# Malicious Packages
+# OSSF Malicious Packages
 
-<PageContentComingSoon />
+The OSSF Malicious Packages repository is an open-source database containing reports of malicious packages identified across different open-source package repositories. 
+
+## Scope 
+Instead of listing unintentional weaknesses like CVEs, malicious packages focus more on intentional malicious patterns like typosquatting attacks, account takeovers, dependency confusion, or manifest confusion, just to name a few. 
+
+
+The OSSF explicitly defines malicious packages as those that, when installed or used, compromise system confidentiality, availability, and/or integrity.
+
+## Data Access
+
+Malicious packages can be accessed via the public [GitHub repository](https://github.com/ossf/malicious-packages), located in the osv directory.
+Additionally, the OSSF publishes [up-to-date statistics](https://ossf.github.io/malicious-packages/stats/) on total malicious packages. 
+
+## Malicious Packages in DevGuard
+
+DevGuard will be using Malicious Packages in the upcoming purl inspector:
+
+<PageContentComingSoon/>