{"id":"MAL-2026-1671","summary":"Malicious code in chai-as-resolved (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (6f68c4df2837821306981ccb732721f9d6a1be9a7f096d6adc0ea53cd922bfe6)\nThe package chai-as-resolved was found to contain malicious code.\n","modified":"2026-03-23T05:40:17.688143Z","published":"2026-03-18T12:42:37Z","database_specific":{"malicious-packages-origins":[{"sha256":"cffe2b7d5c9740745def5bbf23230d76deba7c861ec22f91248225a44ad8e908","modified_time":"2026-03-18T12:42:37Z","import_time":"2026-03-19T12:18:37.732541633Z","id":"RLMA-2026-01157","versions":["2.3.2"],"source":"reversing-labs"},{"source":"amazon-inspector","modified_time":"2026-03-23T05:11:41Z","import_time":"2026-03-23T05:14:34.380276623Z","sha256":"6f68c4df2837821306981ccb732721f9d6a1be9a7f096d6adc0ea53cd922bfe6","versions":["2.3.2"]}]},"affected":[{"package":{"name":"chai-as-resolved","ecosystem":"npm","purl":"pkg:npm/chai-as-resolved"},"versions":["2.3.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-resolved/MAL-2026-1671.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}