MAL-2026-10042: Malicious code in chai-as-disarmed (npm)
The npm package 'chai-as-disarmed' version 3.2.3 is a malicious typosquat of 'chai-as-promised' that impersonates 'pino' in its README and keywords to trick users into installing it. Upon requiring the package, it spawns a detached process that fetches a remote payload from a mutable third-party JSON storage service and executes it with full Node.js require access, enabling arbitrary code execution. This behavior is unrelated to the advertised functionality and allows the attacker to change the payload at any time without republishing the package.
AI Analysis
Technical Summary
The 'chai-as-disarmed' npm package (version 3.2.3) is a malicious typosquatting package designed to impersonate legitimate packages to bait installations. When required, it detaches a process that fetches a base64-encoded URL from a third-party JSON storage service, performing an authenticated GET request with headers hidden via base64 encoding. The fetched '.cookie' string is executed dynamically using 'new Function.constructor', granting the remote operator arbitrary code execution within the installer's Node.js environment with full access to 'require'. The remote payload can be updated at any time without republishing the package, making this a persistent and flexible attack vector.
Potential Impact
This malicious package enables remote attackers to execute arbitrary code on the systems of users who install and require it, with full access to Node.js modules via 'require'. This can lead to complete compromise of the affected environment, including data theft, system manipulation, or further malware deployment. The dynamic nature of the payload fetched from a mutable third-party JSON store increases the risk and persistence of the threat.
Mitigation Recommendations
No official patch or remediation is available for this malicious package. Users should immediately remove 'chai-as-disarmed' version 3.2.3 from their projects and dependency trees. Avoid installing packages with suspicious names that closely resemble popular legitimate packages (typosquatting). Verify package authenticity and source before installation. Consider using package integrity verification tools and lockfiles to prevent accidental installation of malicious packages.
MAL-2026-10042: Malicious code in chai-as-disarmed (npm)
Description
The npm package 'chai-as-disarmed' version 3.2.3 is a malicious typosquat of 'chai-as-promised' that impersonates 'pino' in its README and keywords to trick users into installing it. Upon requiring the package, it spawns a detached process that fetches a remote payload from a mutable third-party JSON storage service and executes it with full Node.js require access, enabling arbitrary code execution. This behavior is unrelated to the advertised functionality and allows the attacker to change the payload at any time without republishing the package.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The 'chai-as-disarmed' npm package (version 3.2.3) is a malicious typosquatting package designed to impersonate legitimate packages to bait installations. When required, it detaches a process that fetches a base64-encoded URL from a third-party JSON storage service, performing an authenticated GET request with headers hidden via base64 encoding. The fetched '.cookie' string is executed dynamically using 'new Function.constructor', granting the remote operator arbitrary code execution within the installer's Node.js environment with full access to 'require'. The remote payload can be updated at any time without republishing the package, making this a persistent and flexible attack vector.
Potential Impact
This malicious package enables remote attackers to execute arbitrary code on the systems of users who install and require it, with full access to Node.js modules via 'require'. This can lead to complete compromise of the affected environment, including data theft, system manipulation, or further malware deployment. The dynamic nature of the payload fetched from a mutable third-party JSON store increases the risk and persistence of the threat.
Mitigation Recommendations
No official patch or remediation is available for this malicious package. Users should immediately remove 'chai-as-disarmed' version 3.2.3 from their projects and dependency trees. Avoid installing packages with suspicious names that closely resemble popular legitimate packages (typosquatting). Verify package authenticity and source before installation. Consider using package integrity verification tools and lockfiles to prevent accidental installation of malicious packages.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- MAL-2026-10042
- Osv Schema Version
- 1.7.4
- Aliases
- []
- Ecosystems
- ["npm"]
- Database Specific Severity
- null
- Cvss Version
- null
Threat ID: 6a50bac068715ace4358774d
Added to database: 07/10/2026, 09:26:24 UTC
Last enriched: 07/10/2026, 10:21:47 UTC
Last updated: 07/10/2026, 10:21:47 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.