google-caja-bower

MAL-2026-10186

npmdependency-confusion7/11/2026
Description

Malicious code in google-caja-bower (npm)

Indicators of Compromise
SHA256 Hashes (7)
1a88566ebea62a22b812cbf3e7f192bd8487663d26884e8158c4dcff6cdaadee
460c81d727321ff0c483e6cddb1d9e6247e65531a084efbcbef2fd58d8152cec
5147954990c9d6f9c492648393cd14c7dfde6f36b220b7a644834f0f3489bd54
aeb7b0bb13638a837ac5521c602b3bbffc268935ac499f9c1af64cfe4bc765a0
ce6481e3117c0b891baf893802d3f8425a9914ce404036a0862d4e3848e49003
e34339f1be6afb8a41b6dbe2f7d7c480d5a438a67ff119b235d1d98ffa2b2e4a
f4258589d39bb6d7551b5731b0407d72c0c83e443dc8f9f40d43e4438a297378
Details
Ecosystemnpm
Attack Typedependency-confusion
Published7/11/2026
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001