chai-plugin

MAL-2026-5904

npmtyposquat6/16/2026
Description

Malicious code in chai-plugin (npm)

Indicators of Compromise
SHA256 Hashes (4)
67e08b149ec19ba5622783cfdf864741264b5f6cbe5f56a15c8553c6f1ab5106
d8288900390b603834b85d1945f829d1c5386bd7cbca56ded07b27557ddb4d0f
955522a906103bb6eae62759721a35b120cdaffd1d2747a2f1b73b37c6d2d1db
9bbe8cb82be82f91cf6332988d29fcdd4e7574f766af4d524ce5c08edc9f94f6
References (4)
https://www.npmjs.com/package/chai-plugin/v/4.5.3OSVhttps://www.npmjs.com/package/chai-plugin/v/4.5.5OSVhttps://www.npmjs.com/package/chai-plugin/v/4.5.2OSVhttps://www.npmjs.com/package/chai-plugin/v/4.5.4OSV
Details
Ecosystemnpm
Attack Typetyposquat
Published6/16/2026
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001