{"id":"MAL-2026-5901","summary":"Malicious code in chai-as-polished (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (b2ea0d46e0bb4382e8d684d025cb72b7f99e37874c571e9946ae1268b70be6cf)\nPackage name is a one-edit typosquat of the widely-used chai-as-promised, but the shipped code is unrelated to chai. The exported middleware spawns a detached, unref'd child process running lib/initializeCaller.js. That file constructs a fake `process.env` containing three base64-encoded fields which decode to the URL https://tomato-brunhilda-40.tiiny.site/index.json and the header `x-secret-key: _`, fetches that URL via axios, and passes `response.data.cookie` to `new Function.constructor('require', response)(require)` — executing arbitrary attacker-supplied JavaScript with the installer's Node `require` available. The base64 staging of the URL and header has no functional purpose other than to hide the destination from cursory review. tiiny.site is an anonymous static-hosting service whose contents the author can change at any time, so the executed payload is fully attacker-controlled and mutable. Triggering requires a consumer to invoke the package's middleware, which is the documented entry point for anyone deceived by the name into installing it.\n","modified":"2026-06-16T18:16:52.515259308Z","published":"2026-06-16T16:22:51Z","database_specific":{"malicious-packages-origins":[{"sha256":"b2ea0d46e0bb4382e8d684d025cb72b7f99e37874c571e9946ae1268b70be6cf","modified_time":"2026-06-16T16:22:51Z","import_time":"2026-06-16T18:10:20.669977583Z","id":"IN-MAL-2026-006794","versions":["7.0.8"],"source":"amazon-inspector"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/chai-as-polished/v/7.0.8"}],"affected":[{"package":{"name":"chai-as-polished","ecosystem":"npm","purl":"pkg:npm/chai-as-polished"},"versions":["7.0.8"],"database_specific":{"indicators":{"evidence_files":[{"path":"lib/initializeCaller.js","sha256":"23436f977c9bbe6d302f0f94e191b3dfd938e5a0417ec098d38b60b0ed0cb14f","tlsh":"9511c08e61fc200c046512e6b62f18126021e8673d86d5e47acc835b1f9567f7d936df"},{"path":"package.json","sha256":"37bf7c72ae1ea7e2d08b83932ee3297feb0f58a86143c678041379b82376b0f9","tlsh":"d3019c20de788e2300ed25824c2a064376619c175928fc1932d7522c0f9d5ff01bf21d"}],"package_integrity":[{"hashes":{"sha512_sri":"sha512-Qjbu4tcTETc5se5DrWODkJdEVtHTaTxI2wa1a2v1qbz4muEPr/eQZSlB6dzF67Vyuq7LE/wfUpfsri4T47pQBA==","sha1":"d56581217834ef8c89d84c63605e59a2422c3d62"},"filename":"chai-as-polished-7.0.8.tgz"}]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-polished/MAL-2026-5901.json","cwes":[{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."}]}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}