Malicious code in pear-apps-lib-ui-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 325efdb6f86d5a55bf6cf0630f6fc6be87fbe387047929a31e4e5e55a8ea6cdf The package pear-apps-lib-ui-react-hooks was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1251 Malicious code in pear-apps-lib-ui-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 325efdb6f86d5a55bf6cf0630f6fc6be87fbe387047929a31e4e5e55a8ea6cdf The package pear-apps-lib-ui-react-hooks was found to contain malicious code. Source: ghsa-malware...

EUVD-2026-3110

Malicious code in @riag-libs/pattern-library-react-hooks npm...

MAL-2026-259 Malicious code in @riag-libs/pattern-library-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64366b918bd4380cf8b087a445df7d86ef18b21686c577a9ed7bdd523aceac64 The package @riag-libs/pattern-library-react-hooks was found to contain malicious code. Source: ghsa-malware...

Malicious code in @riag-libs/pattern-library-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64366b918bd4380cf8b087a445df7d86ef18b21686c577a9ed7bdd523aceac64 The package @riag-libs/pattern-library-react-hooks was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview eslint-plugin-react-hooks-published is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization an...

Malicious code in eslint-plugin-react-hooks-published (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 647dedd2c8ea8a9cef54b85666b74459095d17369da310d54a0c1960f87dafe6 The package eslint-plugin-react-hooks-published was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199913

Malicious code in eslint-plugin-react-hooks-published npm...

MAL-2025-190757 Malicious code in @seung-ju/react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4adf0b1f6ebc35246707044936c68dfe237eb92c6e65e24e87383fcfb2dbe55f The package @seung-ju/react-hooks was found to contain malicious code. Source: ghsa-malware...

Malicious code in @seung-ju/react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4adf0b1f6ebc35246707044936c68dfe237eb92c6e65e24e87383fcfb2dbe55f The package @seung-ju/react-hooks was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-198779

Malicious code in @seung-ju/react-hooks npm...

@0xjwlabs/discord-rpc (=0.1.0), @0xsquid/react-hooks (>=1.0.0 <=2.0.0) +689 more potentially affected by CVE-2025-58754 via axios (>=0.28.0 <=0.30.1)

axios NPM version =0.28.0, =1.0.0, =3.0.0-beta.0, =2.10.1, =1.0.0, =0.1.0, =13.0.0, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =16.5.4 and more Source cves: CVE-2025-58754 Source advisory: OSV:GHSA-4HJH-WCWX-XVWJ...

Malicious code in basic-with-react-hooks (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7efadad57bdbe52801b9d31e36cd5cd4678d838d46d71c95ab940aee65a12bc Any computer that has this package installed or running should be considered...

MAL-2024-2875 Malicious code in plugin-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in plugin-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in @calizahq/react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 736249350ff22b093bcff8631c4b2722b245bb27b2ef003fdf490a7171dc3c77 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview plugin-react-hooks is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packag...