{"id":"MAL-2026-1668","summary":"Malicious code in chai-as-produced (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (8741712e4e467670d7233e9312dc417f809f4f3d3af0a48d31a9693ad1391067)\nThe package chai-as-produced was found to contain malicious code.\n","modified":"2026-03-23T05:40:15.425078Z","published":"2026-03-18T12:42:25Z","database_specific":{"malicious-packages-origins":[{"source":"reversing-labs","modified_time":"2026-03-18T12:42:25Z","import_time":"2026-03-19T12:18:37.167502095Z","id":"RLMA-2026-01153","sha256":"611159c96e4f246e6a3ebc1d3244496bf635fae74ab7ba6adf72d174303aa7d5","versions":["7.0.1"]},{"source":"amazon-inspector","modified_time":"2026-03-23T05:11:41Z","import_time":"2026-03-23T05:14:22.519420651Z","sha256":"8741712e4e467670d7233e9312dc417f809f4f3d3af0a48d31a9693ad1391067","versions":["7.0.1"]}]},"affected":[{"package":{"name":"chai-as-produced","ecosystem":"npm","purl":"pkg:npm/chai-as-produced"},"versions":["7.0.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-produced/MAL-2026-1668.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}