com.baogong.app_push_permission

MAL-2026-2687

npmmalware4/15/2026

Description

Malicious code in com.baogong.app_push_permission (npm)

Indicators of Compromise

SHA256 Hashes (1)

b40174edd6c761d5a28ea499ba239d971a86d64a74addb0a2f20f24b49792ce8

References (1)

https://github.com/advisories/GHSA-pxg6-jw7c-gfmgOSV

Details

Ecosystemnpm

Attack Typemalware

Published4/15/2026

Aliases

GHSA-pxg6-jw7c-gfmg

Quick Actions

All Incidents npm Incidents

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001