Threats Tagged 'mal-2026-10050'
View all threats tagged with 'mal-2026-10050'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'mal-2026-10050'
Click on any threat for detailed analysis and mitigation recommendations
MAL-2026-10050: Malicious code in chai-defender (npm) 0 The npm package 'chai-defender' contains malicious code that executes attacker-controlled JavaScript during its installation. When required, it spawns a detached Node.js process that fetches code from a remote HTTP endpoint and executes it with access to Node's require function, enabling remote code execution. The package masquerades as a security-focused Chai assertions plugin but performs no legitimate assertion functionality. The malicious behavior affects multiple specific versions of the package. This poses a severe risk to any project that includes this package as it grants full remote code execution to the attacker controlling the remote server. Join the discussion | GCVE Database | 07/09/2026, 15:29:51 UTC Added: 07/10/2026, 09:24:44 UTC |
Showing 1 to 1 of 1 result